Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2014-1486 (GCVE-0-2014-1486)
Vulnerability from cvelistv5 – Published: 2014-02-06 02:00 – Updated: 2024-08-06 09:42
VLAI?
EPSS
Summary
Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:42:36.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=942164"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "102872",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102872"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "65334",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65334"
},
{
"name": "firefox-cve20141486-code-exec(90890)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90890"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56767"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56706"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-02T19:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "USN-2119-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029721"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=942164"
},
{
"name": "openSUSE-SU-2014:0212",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029717"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "102872",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102872"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "65334",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65334"
},
{
"name": "firefox-cve20141486-code-exec(90890)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90890"
},
{
"name": "SUSE-SU-2014:0248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56767"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html"
},
{
"name": "56706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56706"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1486",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2119-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"name": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc"
},
{
"name": "1029721",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=942164",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=942164"
},
{
"name": "openSUSE-SU-2014:0212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "1029717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029717"
},
{
"name": "https://8pecxstudios.com/?page_id=44080",
"refsource": "CONFIRM",
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "RHSA-2014:0132",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html"
},
{
"name": "56922",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "56858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56858"
},
{
"name": "DSA-2858",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name": "56763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56763"
},
{
"name": "USN-2102-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "RHSA-2014:0133",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "102872",
"refsource": "OSVDB",
"url": "http://osvdb.org/102872"
},
{
"name": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k"
},
{
"name": "56888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56888"
},
{
"name": "FEDORA-2014-2083",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "56761",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56761"
},
{
"name": "FEDORA-2014-2041",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name": "65334",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65334"
},
{
"name": "firefox-cve20141486-code-exec(90890)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90890"
},
{
"name": "SUSE-SU-2014:0248",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56767"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html"
},
{
"name": "56706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56706"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-1486",
"datePublished": "2014-02-06T02:00:00",
"dateReserved": "2014-01-16T00:00:00",
"dateUpdated": "2024-08-06T09:42:36.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"27.0\", \"matchCriteriaId\": \"86B3B84A-9D1F-4863-987C-5C958B05C523\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"24.0\", \"versionEndExcluding\": \"24.3\", \"matchCriteriaId\": \"5D5BFC32-48C3-431E-BD30-67BF408025F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.24\", \"matchCriteriaId\": \"328319A6-42EE-408E-91A8-87156C17AE46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"24.3\", \"matchCriteriaId\": \"3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5991814D-CA77-4C25-90D2-DB542B17E0AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3407560-6D54-4B1B-9977-AD4F6EB5D6BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE554781-1EB9-446E-911F-6C11970C47F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFBF430B-0832-44B0-AA0E-BA9E467F7668\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A10BC294-9196-425F-9FB0-B1625465B47F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4BC592E-17CC-4DD4-8B2C-CFD99383649C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*\", \"matchCriteriaId\": \"B2866FAF-4340-4EA7-9009-6594ADA27AF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*\", \"matchCriteriaId\": \"0EA03350-8702-43D5-8605-5FB765A3F60B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\", \"matchCriteriaId\": \"8D305F7A-D159-4716-AB26-5E38BB5CD991\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2076871-2E80-4605-A470-A41C1A8EC7EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F61F047-129C-41A6-8A27-FFCBB8563E91\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"569964DA-31BE-4520-A66D-C3B09D557AB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BBCD86A-E6C7-4444-9D74-F861084090F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"835AE071-CEAE-49E5-8F0C-E5F50FB85EFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de uso despu\\u00e9s de liberaci\\u00f3n en la funci\\u00f3n imgRequestProxy en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 permite a atacantes remotos ejecutar c\\u00f3digo arbitrario a trav\\u00e9s de vectores involucrando valores Content-Type no especificados para datos de imagen.\"}]",
"id": "CVE-2014-1486",
"lastModified": "2024-11-21T02:04:22.327",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2014-02-06T05:44:24.987",
"references": "[{\"url\": \"http://download.novell.com/Download?buildid=VYQsgaFpQ2k\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://download.novell.com/Download?buildid=Y2fux-JW1Qc\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://osvdb.org/102872\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0132.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0133.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/56706\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56761\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56763\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56767\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56787\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56858\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56888\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56922\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.debian.org/security/2014/dsa-2858\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mozilla.org/security/announce/2014/mfsa2014-08.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/65334\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1029717\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1029720\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1029721\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2102-1\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2102-2\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2119-1\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://8pecxstudios.com/?page_id=44080\", \"source\": \"security@mozilla.org\", \"tags\": [\"Broken Link\", \"URL Repurposed\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=942164\", \"source\": \"security@mozilla.org\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/90890\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://security.gentoo.org/glsa/201504-01\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://download.novell.com/Download?buildid=VYQsgaFpQ2k\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://download.novell.com/Download?buildid=Y2fux-JW1Qc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://osvdb.org/102872\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0132.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0133.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/56706\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56761\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56763\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56767\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56787\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56858\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56888\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/56922\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.debian.org/security/2014/dsa-2858\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mozilla.org/security/announce/2014/mfsa2014-08.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/65334\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1029717\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1029720\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1029721\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2102-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2102-2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2119-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://8pecxstudios.com/?page_id=44080\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"URL Repurposed\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=942164\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/90890\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://security.gentoo.org/glsa/201504-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2014-1486\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2014-02-06T05:44:24.987\",\"lastModified\":\"2025-11-25T17:50:16.803\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en la funci\u00f3n imgRequestProxy en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3 y SeaMonkey anterior a 2.24 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores involucrando valores Content-Type no especificados para datos de imagen.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"27.0\",\"matchCriteriaId\":\"86B3B84A-9D1F-4863-987C-5C958B05C523\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"24.0\",\"versionEndExcluding\":\"24.3\",\"matchCriteriaId\":\"1219544A-AE7D-468A-B853-1A39EF17CC85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.24\",\"matchCriteriaId\":\"328319A6-42EE-408E-91A8-87156C17AE46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"24.3\",\"matchCriteriaId\":\"3CCF1ADE-2590-49D1-AD38-B7EF93AC92BE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5991814D-CA77-4C25-90D2-DB542B17E0AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3407560-6D54-4B1B-9977-AD4F6EB5D6BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE554781-1EB9-446E-911F-6C11970C47F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFBF430B-0832-44B0-AA0E-BA9E467F7668\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10BC294-9196-425F-9FB0-B1625465B47F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4BC592E-17CC-4DD4-8B2C-CFD99383649C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*\",\"matchCriteriaId\":\"B2866FAF-4340-4EA7-9009-6594ADA27AF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*\",\"matchCriteriaId\":\"0EA03350-8702-43D5-8605-5FB765A3F60B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"8D305F7A-D159-4716-AB26-5E38BB5CD991\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2076871-2E80-4605-A470-A41C1A8EC7EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F61F047-129C-41A6-8A27-FFCBB8563E91\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"569964DA-31BE-4520-A66D-C3B09D557AB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"835AE071-CEAE-49E5-8F0C-E5F50FB85EFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]}],\"references\":[{\"url\":\"http://download.novell.com/Download?buildid=VYQsgaFpQ2k\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://download.novell.com/Download?buildid=Y2fux-JW1Qc\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://osvdb.org/102872\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0132.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0133.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/56706\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56761\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56763\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56767\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56787\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56858\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56888\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56922\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.debian.org/security/2014/dsa-2858\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mozilla.org/security/announce/2014/mfsa2014-08.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/65334\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1029717\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1029720\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1029721\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2102-1\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2102-2\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2119-1\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://8pecxstudios.com/?page_id=44080\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\",\"URL Repurposed\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=942164\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/90890\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.gentoo.org/glsa/201504-01\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://download.novell.com/Download?buildid=VYQsgaFpQ2k\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://download.novell.com/Download?buildid=Y2fux-JW1Qc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://osvdb.org/102872\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0132.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0133.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/56706\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56761\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56763\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56767\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56787\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56858\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56888\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/56922\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.debian.org/security/2014/dsa-2858\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mozilla.org/security/announce/2014/mfsa2014-08.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/65334\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1029717\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1029720\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1029721\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2102-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2102-2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2119-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://8pecxstudios.com/?page_id=44080\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"URL Repurposed\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=942164\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/90890\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.gentoo.org/glsa/201504-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
RHSA-2014_0133
Vulnerability from csaf_redhat - Published: 2014-02-04 19:56 - Updated: 2024-11-22 07:27Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
An updated thunderbird package that fixes several security issues is now
available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
Several flaws were found in the processing of malformed content.
Malicious content could cause Thunderbird to crash or, potentially, execute
arbitrary code with the privileges of the user running Thunderbird.
(CVE-2014-1477, CVE-2014-1482, CVE-2014-1486)
A flaw was found in the way Thunderbird handled error messages related to
web workers. An attacker could use this flaw to bypass the same-origin
policy, which could lead to cross-site scripting (XSS) attacks, or could
potentially be used to gather authentication tokens and other data from
third-party websites. (CVE-2014-1487)
A flaw was found in the implementation of System Only Wrappers (SOW).
An attacker could use this flaw to crash Thunderbird. When combined with
other vulnerabilities, this flaw could have additional security
implications. (CVE-2014-1479)
It was found that the Thunderbird JavaScript engine incorrectly handled
window objects. A remote attacker could use this flaw to bypass certain
security checks and possibly execute arbitrary code. (CVE-2014-1481)
Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Christian Holler, Terrence Cole, Jesse Ruderman, Gary
Kwong, Eric Rescorla, Jonathan Kew, Dan Gohman, Ryan VanderMeulen, Sotaro
Ikeda, Cody Crews, Fredrik "Flonka" Lönnqvist, Arthur Gerkis, Masato
Kinugawa, and Boris Zbarsky as the original reporters of these issues.
Note: All of the above issues cannot be exploited by a specially crafted
HTML mail message as JavaScript is disabled by default for mail messages.
They could be exploited another way in Thunderbird, for example, when
viewing the full remote content of an RSS feed.
For technical details regarding these flaws, refer to the Mozilla security
advisories for Thunderbird 24.3.0. You can find a link to the Mozilla
advisories in the References section of this erratum.
All Thunderbird users should upgrade to this updated package, which
contains Thunderbird version 24.3.0, which corrects these issues.
After installing the update, Thunderbird must be restarted for the changes
to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated thunderbird package that fixes several security issues is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially, execute\narbitrary code with the privileges of the user running Thunderbird.\n(CVE-2014-1477, CVE-2014-1482, CVE-2014-1486)\n\nA flaw was found in the way Thunderbird handled error messages related to\nweb workers. An attacker could use this flaw to bypass the same-origin\npolicy, which could lead to cross-site scripting (XSS) attacks, or could\npotentially be used to gather authentication tokens and other data from\nthird-party websites. (CVE-2014-1487)\n\nA flaw was found in the implementation of System Only Wrappers (SOW).\nAn attacker could use this flaw to crash Thunderbird. When combined with\nother vulnerabilities, this flaw could have additional security\nimplications. (CVE-2014-1479)\n\nIt was found that the Thunderbird JavaScript engine incorrectly handled\nwindow objects. A remote attacker could use this flaw to bypass certain\nsecurity checks and possibly execute arbitrary code. (CVE-2014-1481)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Terrence Cole, Jesse Ruderman, Gary\nKwong, Eric Rescorla, Jonathan Kew, Dan Gohman, Ryan VanderMeulen, Sotaro\nIkeda, Cody Crews, Fredrik \"Flonka\" L\u00f6nnqvist, Arthur Gerkis, Masato\nKinugawa, and Boris Zbarsky as the original reporters of these issues.\n\nNote: All of the above issues cannot be exploited by a specially crafted\nHTML mail message as JavaScript is disabled by default for mail messages.\nThey could be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 24.3.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 24.3.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes\nto take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0133",
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html",
"url": "https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html"
},
{
"category": "external",
"summary": "1046167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1046167"
},
{
"category": "external",
"summary": "1060938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060938"
},
{
"category": "external",
"summary": "1060940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060940"
},
{
"category": "external",
"summary": "1060942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060942"
},
{
"category": "external",
"summary": "1060945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060945"
},
{
"category": "external",
"summary": "1060947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060947"
},
{
"category": "external",
"summary": "1060952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060952"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0133.json"
}
],
"title": "Red Hat Security Advisory: thunderbird security update",
"tracking": {
"current_release_date": "2024-11-22T07:27:23+00:00",
"generator": {
"date": "2024-11-22T07:27:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2014:0133",
"initial_release_date": "2014-02-04T19:56:11+00:00",
"revision_history": [
{
"date": "2014-02-04T19:56:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-02-04T19:56:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:27:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_productivity:5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el5_10.i386",
"product": {
"name": "thunderbird-0:24.3.0-2.el5_10.i386",
"product_id": "thunderbird-0:24.3.0-2.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"product": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"product_id": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@24.3.0-2.el5_10?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el5_10.src",
"product": {
"name": "thunderbird-0:24.3.0-2.el5_10.src",
"product_id": "thunderbird-0:24.3.0-2.el5_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el5_10?arch=src"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el6_5.src",
"product": {
"name": "thunderbird-0:24.3.0-2.el6_5.src",
"product_id": "thunderbird-0:24.3.0-2.el6_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el6_5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el5_10.x86_64",
"product": {
"name": "thunderbird-0:24.3.0-2.el5_10.x86_64",
"product_id": "thunderbird-0:24.3.0-2.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"product_id": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@24.3.0-2.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"product_id": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@24.3.0-2.el6_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el6_5.x86_64",
"product": {
"name": "thunderbird-0:24.3.0-2.el6_5.x86_64",
"product_id": "thunderbird-0:24.3.0-2.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el6_5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"product": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"product_id": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@24.3.0-2.el6_5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el6_5.i686",
"product": {
"name": "thunderbird-0:24.3.0-2.el6_5.i686",
"product_id": "thunderbird-0:24.3.0-2.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el6_5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"product": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"product_id": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@24.3.0-2.el6_5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el6_5.ppc64",
"product": {
"name": "thunderbird-0:24.3.0-2.el6_5.ppc64",
"product_id": "thunderbird-0:24.3.0-2.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el6_5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"product": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"product_id": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@24.3.0-2.el6_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el6_5.s390x",
"product": {
"name": "thunderbird-0:24.3.0-2.el6_5.s390x",
"product_id": "thunderbird-0:24.3.0-2.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el6_5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386"
},
"product_reference": "thunderbird-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src"
},
"product_reference": "thunderbird-0:24.3.0-2.el5_10.src",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "thunderbird-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386"
},
"product_reference": "thunderbird-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Server-DPAS-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el5_10.src as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src"
},
"product_reference": "thunderbird-0:24.3.0-2.el5_10.src",
"relates_to_product_reference": "5Server-DPAS-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "thunderbird-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Server-DPAS-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Server-DPAS-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Server-DPAS-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
}
],
"cve": "CVE-2014-1477",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060938"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Miscellaneous memory safety hazards (rv:24.3) (MFSA 2014-01)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1477"
},
{
"category": "external",
"summary": "RHBZ#1060938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1477",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1477"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1477",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1477"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T19:56:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Miscellaneous memory safety hazards (rv:24.3) (MFSA 2014-01)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Cody Crews"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1479",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060940"
}
],
"notes": [
{
"category": "description",
"text": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Clone protected content with XBL scopes (MFSA 2014-02)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1479"
},
{
"category": "external",
"summary": "RHBZ#1060940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060940"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1479",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1479"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1479",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1479"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T19:56:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Clone protected content with XBL scopes (MFSA 2014-02)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Boris Zbarsky"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1481",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060952"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Inconsistent JavaScript handling of access to Window objects (MFSA 2014-13)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1481"
},
{
"category": "external",
"summary": "RHBZ#1060952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060952"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1481",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1481"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1481",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1481"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T19:56:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Inconsistent JavaScript handling of access to Window objects (MFSA 2014-13)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Fredrik \"Flonka\" L\u00f6nnqvist"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1482",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060942"
}
],
"notes": [
{
"category": "description",
"text": "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Incorrect use of discarded images by RasterImage (MFSA 2014-04)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1482"
},
{
"category": "external",
"summary": "RHBZ#1060942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1482",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1482"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1482",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1482"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T19:56:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Incorrect use of discarded images by RasterImage (MFSA 2014-04)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Arthur Gerkis"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1486",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060945"
}
],
"notes": [
{
"category": "description",
"text": "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free with imgRequestProxy and image proccessing (MFSA 2014-08)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1486"
},
{
"category": "external",
"summary": "RHBZ#1060945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060945"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1486",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1486"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T19:56:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Use-after-free with imgRequestProxy and image proccessing (MFSA 2014-08)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Masato Kinugawa"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1487",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060947"
}
],
"notes": [
{
"category": "description",
"text": "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Cross-origin information leak through web workers (MFSA 2014-09)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1487"
},
{
"category": "external",
"summary": "RHBZ#1060947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060947"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1487",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1487"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T19:56:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Cross-origin information leak through web workers (MFSA 2014-09)"
}
]
}
RHSA-2014:0132
Vulnerability from csaf_redhat - Published: 2014-02-04 20:16 - Updated: 2025-11-21 17:46Summary
Red Hat Security Advisory: firefox security update
Notes
Topic
Updated firefox packages that fix several security issues are now available
for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Mozilla Firefox is an open source web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2014-1477, CVE-2014-1482, CVE-2014-1486)
A flaw was found in the way Firefox handled error messages related to web
workers. An attacker could use this flaw to bypass the same-origin policy,
which could lead to cross-site scripting (XSS) attacks, or could
potentially be used to gather authentication tokens and other data from
third-party websites. (CVE-2014-1487)
A flaw was found in the implementation of System Only Wrappers (SOW).
An attacker could use this flaw to crash Firefox. When combined with other
vulnerabilities, this flaw could have additional security implications.
(CVE-2014-1479)
It was found that the Firefox JavaScript engine incorrectly handled window
objects. A remote attacker could use this flaw to bypass certain security
checks and possibly execute arbitrary code. (CVE-2014-1481)
Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Christian Holler, Terrence Cole, Jesse Ruderman, Gary
Kwong, Eric Rescorla, Jonathan Kew, Dan Gohman, Ryan VanderMeulen, Sotaro
Ikeda, Cody Crews, Fredrik "Flonka" Lönnqvist, Arthur Gerkis, Masato
Kinugawa, and Boris Zbarsky as the original reporters of these issues.
For technical details regarding these flaws, refer to the Mozilla security
advisories for Firefox 24.3.0 ESR. You can find a link to the Mozilla
advisories in the References section of this erratum.
All Firefox users should upgrade to these updated packages, which contain
Firefox version 24.3.0 ESR, which corrects these issues. After installing
the update, Firefox must be restarted for the changes to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated firefox packages that fix several security issues are now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2014-1477, CVE-2014-1482, CVE-2014-1486)\n\nA flaw was found in the way Firefox handled error messages related to web\nworkers. An attacker could use this flaw to bypass the same-origin policy,\nwhich could lead to cross-site scripting (XSS) attacks, or could\npotentially be used to gather authentication tokens and other data from\nthird-party websites. (CVE-2014-1487)\n\nA flaw was found in the implementation of System Only Wrappers (SOW).\nAn attacker could use this flaw to crash Firefox. When combined with other\nvulnerabilities, this flaw could have additional security implications.\n(CVE-2014-1479)\n\nIt was found that the Firefox JavaScript engine incorrectly handled window\nobjects. A remote attacker could use this flaw to bypass certain security\nchecks and possibly execute arbitrary code. (CVE-2014-1481)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Terrence Cole, Jesse Ruderman, Gary\nKwong, Eric Rescorla, Jonathan Kew, Dan Gohman, Ryan VanderMeulen, Sotaro\nIkeda, Cody Crews, Fredrik \"Flonka\" L\u00f6nnqvist, Arthur Gerkis, Masato\nKinugawa, and Boris Zbarsky as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 24.3.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 24.3.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0132",
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html",
"url": "http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html"
},
{
"category": "external",
"summary": "1060938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060938"
},
{
"category": "external",
"summary": "1060940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060940"
},
{
"category": "external",
"summary": "1060942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060942"
},
{
"category": "external",
"summary": "1060945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060945"
},
{
"category": "external",
"summary": "1060947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060947"
},
{
"category": "external",
"summary": "1060952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060952"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0132.json"
}
],
"title": "Red Hat Security Advisory: firefox security update",
"tracking": {
"current_release_date": "2025-11-21T17:46:56+00:00",
"generator": {
"date": "2025-11-21T17:46:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2014:0132",
"initial_release_date": "2014-02-04T20:16:27+00:00",
"revision_history": [
{
"date": "2014-02-04T20:16:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-02-04T20:16:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:46:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.s390x",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.s390x",
"product_id": "firefox-0:24.3.0-2.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"product_id": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el6_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"product_id": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.s390x",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.s390x",
"product_id": "firefox-0:24.3.0-2.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.s390",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.s390",
"product_id": "firefox-0:24.3.0-2.el6_5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"product_id": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el6_5?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"product_id": "firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el5_10?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.s390",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.s390",
"product_id": "firefox-0:24.3.0-2.el5_10.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.ppc64",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.ppc64",
"product_id": "firefox-0:24.3.0-2.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"product_id": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el6_5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.ppc",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.ppc",
"product_id": "firefox-0:24.3.0-2.el6_5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"product_id": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el6_5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"product_id": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el5_10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.ppc",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.ppc",
"product_id": "firefox-0:24.3.0-2.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.i686",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.i686",
"product_id": "firefox-0:24.3.0-2.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"product_id": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el6_5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.x86_64",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.x86_64",
"product_id": "firefox-0:24.3.0-2.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"product_id": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el6_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"product_id": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.x86_64",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.x86_64",
"product_id": "firefox-0:24.3.0-2.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.src",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.src",
"product_id": "firefox-0:24.3.0-2.el6_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=src"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.src",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.src",
"product_id": "firefox-0:24.3.0-2.el5_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"product_id": "firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.i386",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.i386",
"product_id": "firefox-0:24.3.0-2.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"product_id": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el5_10?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.ia64",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.ia64",
"product_id": "firefox-0:24.3.0-2.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.s390",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.src",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.s390",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.src",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
}
],
"cve": "CVE-2014-1477",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060938"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Miscellaneous memory safety hazards (rv:24.3) (MFSA 2014-01)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1477"
},
{
"category": "external",
"summary": "RHBZ#1060938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1477",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1477"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1477",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1477"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T20:16:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Miscellaneous memory safety hazards (rv:24.3) (MFSA 2014-01)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Cody Crews"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1479",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060940"
}
],
"notes": [
{
"category": "description",
"text": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Clone protected content with XBL scopes (MFSA 2014-02)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1479"
},
{
"category": "external",
"summary": "RHBZ#1060940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060940"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1479",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1479"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1479",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1479"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T20:16:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Clone protected content with XBL scopes (MFSA 2014-02)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Boris Zbarsky"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1481",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060952"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Inconsistent JavaScript handling of access to Window objects (MFSA 2014-13)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1481"
},
{
"category": "external",
"summary": "RHBZ#1060952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060952"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1481",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1481"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1481",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1481"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T20:16:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Inconsistent JavaScript handling of access to Window objects (MFSA 2014-13)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Fredrik \"Flonka\" L\u00f6nnqvist"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1482",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060942"
}
],
"notes": [
{
"category": "description",
"text": "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Incorrect use of discarded images by RasterImage (MFSA 2014-04)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1482"
},
{
"category": "external",
"summary": "RHBZ#1060942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1482",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1482"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1482",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1482"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T20:16:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Incorrect use of discarded images by RasterImage (MFSA 2014-04)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Arthur Gerkis"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1486",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060945"
}
],
"notes": [
{
"category": "description",
"text": "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free with imgRequestProxy and image proccessing (MFSA 2014-08)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1486"
},
{
"category": "external",
"summary": "RHBZ#1060945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060945"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1486",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1486"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T20:16:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Use-after-free with imgRequestProxy and image proccessing (MFSA 2014-08)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Masato Kinugawa"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1487",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060947"
}
],
"notes": [
{
"category": "description",
"text": "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Cross-origin information leak through web workers (MFSA 2014-09)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1487"
},
{
"category": "external",
"summary": "RHBZ#1060947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060947"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1487",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1487"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T20:16:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Cross-origin information leak through web workers (MFSA 2014-09)"
}
]
}
RHSA-2014:0133
Vulnerability from csaf_redhat - Published: 2014-02-04 19:56 - Updated: 2025-11-21 17:46Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
An updated thunderbird package that fixes several security issues is now
available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
Several flaws were found in the processing of malformed content.
Malicious content could cause Thunderbird to crash or, potentially, execute
arbitrary code with the privileges of the user running Thunderbird.
(CVE-2014-1477, CVE-2014-1482, CVE-2014-1486)
A flaw was found in the way Thunderbird handled error messages related to
web workers. An attacker could use this flaw to bypass the same-origin
policy, which could lead to cross-site scripting (XSS) attacks, or could
potentially be used to gather authentication tokens and other data from
third-party websites. (CVE-2014-1487)
A flaw was found in the implementation of System Only Wrappers (SOW).
An attacker could use this flaw to crash Thunderbird. When combined with
other vulnerabilities, this flaw could have additional security
implications. (CVE-2014-1479)
It was found that the Thunderbird JavaScript engine incorrectly handled
window objects. A remote attacker could use this flaw to bypass certain
security checks and possibly execute arbitrary code. (CVE-2014-1481)
Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Christian Holler, Terrence Cole, Jesse Ruderman, Gary
Kwong, Eric Rescorla, Jonathan Kew, Dan Gohman, Ryan VanderMeulen, Sotaro
Ikeda, Cody Crews, Fredrik "Flonka" Lönnqvist, Arthur Gerkis, Masato
Kinugawa, and Boris Zbarsky as the original reporters of these issues.
Note: All of the above issues cannot be exploited by a specially crafted
HTML mail message as JavaScript is disabled by default for mail messages.
They could be exploited another way in Thunderbird, for example, when
viewing the full remote content of an RSS feed.
For technical details regarding these flaws, refer to the Mozilla security
advisories for Thunderbird 24.3.0. You can find a link to the Mozilla
advisories in the References section of this erratum.
All Thunderbird users should upgrade to this updated package, which
contains Thunderbird version 24.3.0, which corrects these issues.
After installing the update, Thunderbird must be restarted for the changes
to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated thunderbird package that fixes several security issues is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially, execute\narbitrary code with the privileges of the user running Thunderbird.\n(CVE-2014-1477, CVE-2014-1482, CVE-2014-1486)\n\nA flaw was found in the way Thunderbird handled error messages related to\nweb workers. An attacker could use this flaw to bypass the same-origin\npolicy, which could lead to cross-site scripting (XSS) attacks, or could\npotentially be used to gather authentication tokens and other data from\nthird-party websites. (CVE-2014-1487)\n\nA flaw was found in the implementation of System Only Wrappers (SOW).\nAn attacker could use this flaw to crash Thunderbird. When combined with\nother vulnerabilities, this flaw could have additional security\nimplications. (CVE-2014-1479)\n\nIt was found that the Thunderbird JavaScript engine incorrectly handled\nwindow objects. A remote attacker could use this flaw to bypass certain\nsecurity checks and possibly execute arbitrary code. (CVE-2014-1481)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Terrence Cole, Jesse Ruderman, Gary\nKwong, Eric Rescorla, Jonathan Kew, Dan Gohman, Ryan VanderMeulen, Sotaro\nIkeda, Cody Crews, Fredrik \"Flonka\" L\u00f6nnqvist, Arthur Gerkis, Masato\nKinugawa, and Boris Zbarsky as the original reporters of these issues.\n\nNote: All of the above issues cannot be exploited by a specially crafted\nHTML mail message as JavaScript is disabled by default for mail messages.\nThey could be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 24.3.0. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 24.3.0, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes\nto take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0133",
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html",
"url": "https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html"
},
{
"category": "external",
"summary": "1046167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1046167"
},
{
"category": "external",
"summary": "1060938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060938"
},
{
"category": "external",
"summary": "1060940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060940"
},
{
"category": "external",
"summary": "1060942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060942"
},
{
"category": "external",
"summary": "1060945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060945"
},
{
"category": "external",
"summary": "1060947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060947"
},
{
"category": "external",
"summary": "1060952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060952"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0133.json"
}
],
"title": "Red Hat Security Advisory: thunderbird security update",
"tracking": {
"current_release_date": "2025-11-21T17:46:57+00:00",
"generator": {
"date": "2025-11-21T17:46:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2014:0133",
"initial_release_date": "2014-02-04T19:56:11+00:00",
"revision_history": [
{
"date": "2014-02-04T19:56:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-02-04T19:56:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:46:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_productivity:5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el5_10.i386",
"product": {
"name": "thunderbird-0:24.3.0-2.el5_10.i386",
"product_id": "thunderbird-0:24.3.0-2.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"product": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"product_id": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@24.3.0-2.el5_10?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el5_10.src",
"product": {
"name": "thunderbird-0:24.3.0-2.el5_10.src",
"product_id": "thunderbird-0:24.3.0-2.el5_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el5_10?arch=src"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el6_5.src",
"product": {
"name": "thunderbird-0:24.3.0-2.el6_5.src",
"product_id": "thunderbird-0:24.3.0-2.el6_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el6_5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el5_10.x86_64",
"product": {
"name": "thunderbird-0:24.3.0-2.el5_10.x86_64",
"product_id": "thunderbird-0:24.3.0-2.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"product_id": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@24.3.0-2.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"product_id": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@24.3.0-2.el6_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el6_5.x86_64",
"product": {
"name": "thunderbird-0:24.3.0-2.el6_5.x86_64",
"product_id": "thunderbird-0:24.3.0-2.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el6_5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"product": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"product_id": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@24.3.0-2.el6_5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el6_5.i686",
"product": {
"name": "thunderbird-0:24.3.0-2.el6_5.i686",
"product_id": "thunderbird-0:24.3.0-2.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el6_5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"product": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"product_id": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@24.3.0-2.el6_5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el6_5.ppc64",
"product": {
"name": "thunderbird-0:24.3.0-2.el6_5.ppc64",
"product_id": "thunderbird-0:24.3.0-2.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el6_5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"product": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"product_id": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@24.3.0-2.el6_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:24.3.0-2.el6_5.s390x",
"product": {
"name": "thunderbird-0:24.3.0-2.el6_5.s390x",
"product_id": "thunderbird-0:24.3.0-2.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@24.3.0-2.el6_5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386"
},
"product_reference": "thunderbird-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src"
},
"product_reference": "thunderbird-0:24.3.0-2.el5_10.src",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "thunderbird-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386"
},
"product_reference": "thunderbird-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Server-DPAS-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el5_10.src as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src"
},
"product_reference": "thunderbird-0:24.3.0-2.el5_10.src",
"relates_to_product_reference": "5Server-DPAS-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "thunderbird-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Server-DPAS-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Server-DPAS-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Server-DPAS-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Server-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "thunderbird-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
}
],
"cve": "CVE-2014-1477",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060938"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Miscellaneous memory safety hazards (rv:24.3) (MFSA 2014-01)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1477"
},
{
"category": "external",
"summary": "RHBZ#1060938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1477",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1477"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1477",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1477"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T19:56:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Miscellaneous memory safety hazards (rv:24.3) (MFSA 2014-01)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Cody Crews"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1479",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060940"
}
],
"notes": [
{
"category": "description",
"text": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Clone protected content with XBL scopes (MFSA 2014-02)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1479"
},
{
"category": "external",
"summary": "RHBZ#1060940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060940"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1479",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1479"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1479",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1479"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T19:56:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Clone protected content with XBL scopes (MFSA 2014-02)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Boris Zbarsky"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1481",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060952"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Inconsistent JavaScript handling of access to Window objects (MFSA 2014-13)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1481"
},
{
"category": "external",
"summary": "RHBZ#1060952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060952"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1481",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1481"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1481",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1481"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T19:56:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Inconsistent JavaScript handling of access to Window objects (MFSA 2014-13)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Fredrik \"Flonka\" L\u00f6nnqvist"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1482",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060942"
}
],
"notes": [
{
"category": "description",
"text": "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Incorrect use of discarded images by RasterImage (MFSA 2014-04)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1482"
},
{
"category": "external",
"summary": "RHBZ#1060942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1482",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1482"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1482",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1482"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T19:56:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Incorrect use of discarded images by RasterImage (MFSA 2014-04)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Arthur Gerkis"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1486",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060945"
}
],
"notes": [
{
"category": "description",
"text": "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free with imgRequestProxy and image proccessing (MFSA 2014-08)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1486"
},
{
"category": "external",
"summary": "RHBZ#1060945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060945"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1486",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1486"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T19:56:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Use-after-free with imgRequestProxy and image proccessing (MFSA 2014-08)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Masato Kinugawa"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1487",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060947"
}
],
"notes": [
{
"category": "description",
"text": "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Cross-origin information leak through web workers (MFSA 2014-09)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1487"
},
{
"category": "external",
"summary": "RHBZ#1060947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060947"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1487",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1487"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T19:56:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0133"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.src",
"5Server-DPAS-5.10.Z:thunderbird-0:24.3.0-2.el5_10.x86_64",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-DPAS-5.10.Z:thunderbird-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Server-optional-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-optional-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:thunderbird-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:thunderbird-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Cross-origin information leak through web workers (MFSA 2014-09)"
}
]
}
RHSA-2014_0132
Vulnerability from csaf_redhat - Published: 2014-02-04 20:16 - Updated: 2024-11-22 07:27Summary
Red Hat Security Advisory: firefox security update
Notes
Topic
Updated firefox packages that fix several security issues are now available
for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Mozilla Firefox is an open source web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2014-1477, CVE-2014-1482, CVE-2014-1486)
A flaw was found in the way Firefox handled error messages related to web
workers. An attacker could use this flaw to bypass the same-origin policy,
which could lead to cross-site scripting (XSS) attacks, or could
potentially be used to gather authentication tokens and other data from
third-party websites. (CVE-2014-1487)
A flaw was found in the implementation of System Only Wrappers (SOW).
An attacker could use this flaw to crash Firefox. When combined with other
vulnerabilities, this flaw could have additional security implications.
(CVE-2014-1479)
It was found that the Firefox JavaScript engine incorrectly handled window
objects. A remote attacker could use this flaw to bypass certain security
checks and possibly execute arbitrary code. (CVE-2014-1481)
Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Christian Holler, Terrence Cole, Jesse Ruderman, Gary
Kwong, Eric Rescorla, Jonathan Kew, Dan Gohman, Ryan VanderMeulen, Sotaro
Ikeda, Cody Crews, Fredrik "Flonka" Lönnqvist, Arthur Gerkis, Masato
Kinugawa, and Boris Zbarsky as the original reporters of these issues.
For technical details regarding these flaws, refer to the Mozilla security
advisories for Firefox 24.3.0 ESR. You can find a link to the Mozilla
advisories in the References section of this erratum.
All Firefox users should upgrade to these updated packages, which contain
Firefox version 24.3.0 ESR, which corrects these issues. After installing
the update, Firefox must be restarted for the changes to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated firefox packages that fix several security issues are now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2014-1477, CVE-2014-1482, CVE-2014-1486)\n\nA flaw was found in the way Firefox handled error messages related to web\nworkers. An attacker could use this flaw to bypass the same-origin policy,\nwhich could lead to cross-site scripting (XSS) attacks, or could\npotentially be used to gather authentication tokens and other data from\nthird-party websites. (CVE-2014-1487)\n\nA flaw was found in the implementation of System Only Wrappers (SOW).\nAn attacker could use this flaw to crash Firefox. When combined with other\nvulnerabilities, this flaw could have additional security implications.\n(CVE-2014-1479)\n\nIt was found that the Firefox JavaScript engine incorrectly handled window\nobjects. A remote attacker could use this flaw to bypass certain security\nchecks and possibly execute arbitrary code. (CVE-2014-1481)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christian Holler, Terrence Cole, Jesse Ruderman, Gary\nKwong, Eric Rescorla, Jonathan Kew, Dan Gohman, Ryan VanderMeulen, Sotaro\nIkeda, Cody Crews, Fredrik \"Flonka\" L\u00f6nnqvist, Arthur Gerkis, Masato\nKinugawa, and Boris Zbarsky as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 24.3.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 24.3.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0132",
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html",
"url": "http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html"
},
{
"category": "external",
"summary": "1060938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060938"
},
{
"category": "external",
"summary": "1060940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060940"
},
{
"category": "external",
"summary": "1060942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060942"
},
{
"category": "external",
"summary": "1060945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060945"
},
{
"category": "external",
"summary": "1060947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060947"
},
{
"category": "external",
"summary": "1060952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060952"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0132.json"
}
],
"title": "Red Hat Security Advisory: firefox security update",
"tracking": {
"current_release_date": "2024-11-22T07:27:17+00:00",
"generator": {
"date": "2024-11-22T07:27:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2014:0132",
"initial_release_date": "2014-02-04T20:16:27+00:00",
"revision_history": [
{
"date": "2014-02-04T20:16:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-02-04T20:16:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:27:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.s390x",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.s390x",
"product_id": "firefox-0:24.3.0-2.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"product_id": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el6_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"product_id": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.s390x",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.s390x",
"product_id": "firefox-0:24.3.0-2.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.s390",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.s390",
"product_id": "firefox-0:24.3.0-2.el6_5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"product_id": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el6_5?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"product_id": "firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el5_10?arch=s390"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.s390",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.s390",
"product_id": "firefox-0:24.3.0-2.el5_10.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.ppc64",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.ppc64",
"product_id": "firefox-0:24.3.0-2.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"product_id": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el6_5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.ppc",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.ppc",
"product_id": "firefox-0:24.3.0-2.el6_5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"product_id": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el6_5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"product_id": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el5_10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.ppc",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.ppc",
"product_id": "firefox-0:24.3.0-2.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.i686",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.i686",
"product_id": "firefox-0:24.3.0-2.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"product_id": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el6_5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.x86_64",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.x86_64",
"product_id": "firefox-0:24.3.0-2.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"product_id": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el6_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"product_id": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.x86_64",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.x86_64",
"product_id": "firefox-0:24.3.0-2.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el6_5.src",
"product": {
"name": "firefox-0:24.3.0-2.el6_5.src",
"product_id": "firefox-0:24.3.0-2.el6_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el6_5?arch=src"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.src",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.src",
"product_id": "firefox-0:24.3.0-2.el5_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"product_id": "firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.i386",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.i386",
"product_id": "firefox-0:24.3.0-2.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"product": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"product_id": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@24.3.0-2.el5_10?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "firefox-0:24.3.0-2.el5_10.ia64",
"product": {
"name": "firefox-0:24.3.0-2.el5_10.ia64",
"product_id": "firefox-0:24.3.0-2.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@24.3.0-2.el5_10?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.s390",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.src",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.s390",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.src",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "firefox-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Client-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Server-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.src",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"relates_to_product_reference": "6Workstation-6.5.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
},
"product_reference": "firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"relates_to_product_reference": "6Workstation-6.5.z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
}
],
"cve": "CVE-2014-1477",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060938"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Miscellaneous memory safety hazards (rv:24.3) (MFSA 2014-01)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1477"
},
{
"category": "external",
"summary": "RHBZ#1060938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1477",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1477"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1477",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1477"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T20:16:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Miscellaneous memory safety hazards (rv:24.3) (MFSA 2014-01)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Cody Crews"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1479",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060940"
}
],
"notes": [
{
"category": "description",
"text": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Clone protected content with XBL scopes (MFSA 2014-02)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1479"
},
{
"category": "external",
"summary": "RHBZ#1060940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060940"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1479",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1479"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1479",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1479"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-02.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T20:16:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Clone protected content with XBL scopes (MFSA 2014-02)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Boris Zbarsky"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1481",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060952"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Inconsistent JavaScript handling of access to Window objects (MFSA 2014-13)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1481"
},
{
"category": "external",
"summary": "RHBZ#1060952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060952"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1481",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1481"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1481",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1481"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-13.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T20:16:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Inconsistent JavaScript handling of access to Window objects (MFSA 2014-13)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Fredrik \"Flonka\" L\u00f6nnqvist"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1482",
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060942"
}
],
"notes": [
{
"category": "description",
"text": "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Incorrect use of discarded images by RasterImage (MFSA 2014-04)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1482"
},
{
"category": "external",
"summary": "RHBZ#1060942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1482",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1482"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1482",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1482"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-04.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T20:16:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Incorrect use of discarded images by RasterImage (MFSA 2014-04)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Arthur Gerkis"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1486",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060945"
}
],
"notes": [
{
"category": "description",
"text": "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Use-after-free with imgRequestProxy and image proccessing (MFSA 2014-08)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1486"
},
{
"category": "external",
"summary": "RHBZ#1060945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060945"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1486",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1486"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-08.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T20:16:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla: Use-after-free with imgRequestProxy and image proccessing (MFSA 2014-08)"
},
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Masato Kinugawa"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-1487",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2014-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1060947"
}
],
"notes": [
{
"category": "description",
"text": "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Cross-origin information leak through web workers (MFSA 2014-09)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1487"
},
{
"category": "external",
"summary": "RHBZ#1060947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060947"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1487",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1487"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-09.html"
}
],
"release_date": "2014-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-02-04T20:16:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0132"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Client-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Client-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.src",
"5Server-5.10.Z:firefox-0:24.3.0-2.el5_10.x86_64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.i386",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ia64",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.ppc",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.s390x",
"5Server-5.10.Z:firefox-debuginfo-0:24.3.0-2.el5_10.x86_64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Client-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Client-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6ComputeNode-optional-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6ComputeNode-optional-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Server-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Server-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.src",
"6Workstation-6.5.z:firefox-0:24.3.0-2.el6_5.x86_64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.i686",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.ppc64",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.s390x",
"6Workstation-6.5.z:firefox-debuginfo-0:24.3.0-2.el6_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla: Cross-origin information leak through web workers (MFSA 2014-09)"
}
]
}
OPENSUSE-SU-2024:10218-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
seamonkey-2.40-6.1 on GA media
Notes
Title of the patch
seamonkey-2.40-6.1 on GA media
Description of the patch
These are all security issues fixed in the seamonkey-2.40-6.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10218
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "seamonkey-2.40-6.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the seamonkey-2.40-6.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10218",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10218-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2008-5913 page",
"url": "https://www.suse.com/security/cve/CVE-2008-5913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0040 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0771 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0772 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0773 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0776 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1044 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1169 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1571 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3388 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3389 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3389/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3555 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3979 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3980 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3982 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3983 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3984 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3985 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3988 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0159 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0160 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0162 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0173 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0174 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0175 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0176 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0177 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0178 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0179 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0181 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0182 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0183 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0654 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1121 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1125 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1196 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1197 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1198 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1199 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1200 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1201 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1202 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1203 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1205 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1206 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1208 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1209 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1211 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1212 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1213 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1214 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1585 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2751 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2752 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2753 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2754 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2760 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2763 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2764 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2765 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2766 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2767 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2768 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2769 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3166 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3167 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3168 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3169 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3170 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3170/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3173 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3174 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3175 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3176 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3177 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3178 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3179 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3180 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3182 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3183 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3765 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3766 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3767 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3768 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3769 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3770 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3771 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3772 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3773 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3775 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3776 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3777 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3778 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3778/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0051 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0053 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0054 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0055 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0056 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0057 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0059 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0061 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0062 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0084 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-1187 page",
"url": "https://www.suse.com/security/cve/CVE-2011-1187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2366 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2366/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2367 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2367/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2368 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2369 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2370 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2371 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2372 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2372/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2373 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2374 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2375 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2377 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2377/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2985 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2986 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2988 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2989 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2990 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2992 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2993 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2995 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2996 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2997 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3000 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3001 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3002 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3003 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3004 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3005 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3026 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3062 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3101 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3232 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3648 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3650 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3651 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3652 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3654 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3655 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3658 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3659 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3660 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3661 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3663 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0441 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0442 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0442/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0443 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0444 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0445 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0446 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0447 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0449 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0449/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0451 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0452 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0455 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0455/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0456 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0457 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0457/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0458 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0459 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0460 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0461 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0462 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0463 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0464 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0467 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0468 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0469 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0470 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0471 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0472 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0473 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0474 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0475 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0475/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0477 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0478 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0479 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0759 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1937 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1938 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1940 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1941 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1944 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1945 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1946 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1947 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1948 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1949 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1951 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1952 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1953 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1954 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1955 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1956 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1957 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1958 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1959 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1960 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1961 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1962 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1963 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1967 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1970 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1972 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1973 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1974 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1975 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1976 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3956 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3957 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3958 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3959 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3960 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3961 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3962 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3963 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3964 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3966 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3967 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3968 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3969 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3970 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3971 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3972 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3975 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3976 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3978 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3982 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3983 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3984 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3985 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3986 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3988 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3989 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3990 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3991 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3992 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3993 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3994 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3995 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4179 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4180 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4181 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4182 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4183 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4184 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4185 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4186 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4187 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4188 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4191 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4192 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4193 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4194 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4195 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4196 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4201 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4202 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4204 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4205 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4207 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4208 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4209 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4212 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4213 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4214 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4215 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4216 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4217 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4218 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5829 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5830 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5833 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5835 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5836 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5838 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5839 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5840 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5841 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5842 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5843 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0743 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0744 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0745 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0746 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0746/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0747 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0748 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0749 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0750 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0751 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0752 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0753 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0754 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0755 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0756 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0757 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0758 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0760 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0761 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0762 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0763 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0764 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0765 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0766 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0767 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0768 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0769 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0770 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0771 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0772 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0773 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0775 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0776 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0777 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0778 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0778/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0779 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0780 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0781 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0782 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0783 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0787 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0788 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0789 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0792 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0793 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0794 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0795 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0796 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0800 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1682 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1683 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1684 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1685 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1686 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1687 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1688 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1690 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1692 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1693 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1694 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1695 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1696 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1697 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1698 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1699 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1701 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1702 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1704 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1705 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1708 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1709 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1710 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1711 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1713 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1714 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1717 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1718 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1719 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1720 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1721 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1722 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1723 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1724 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1725 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1728 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1730 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1732 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1735 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1736 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1737 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1738 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5590 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5591 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5592 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5593 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5595 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5596 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5597 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5598 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5599 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5599/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5600 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5601 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5602 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5603 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5604 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5609 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5610 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5611 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5612 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5613 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5614 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5615 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5616 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5618 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5619 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6629 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6630 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6671 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6672 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6672/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6673 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1477 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1478 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1479 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1480 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1481 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1481/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1482 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1483 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1485 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1486 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1486/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1487 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1488 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1490 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1491 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1492 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1493 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1494 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1497 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1497/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1498 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1499 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1500 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1502 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1502/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1504 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1504/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1505 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1505/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1508 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1509 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1510 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1511 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1512 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1513 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1514 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1514/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1518 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1519 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1519/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1522 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1523 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1524 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1525 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1526 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1528 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1529 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1530 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1531 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1532 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1532/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1533 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1534 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1536 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1537 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1538 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1539 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1540 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1541 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1542 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1543 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1545 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1574 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1574/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1575 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1576 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1577 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1578 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1578/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1580 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1581 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1582 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1583 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1584 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1585 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1586 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1587 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1588 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1589 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1589/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1590 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1591 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1592 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1593 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1594 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8634 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8635 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8636 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8637 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8638 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8639 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8640 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8641 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8642 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8642/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8643 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0817 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0818 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0819 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0820 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0821 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0822 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0823 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0824 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0825 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0826 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0827 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0828 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0829 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0830 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0831 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0832 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0833 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0834 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0835 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0836 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4500 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4501 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4501/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4502 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4502/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4503 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4504 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4504/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4505 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4505/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4506 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4507 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4507/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4509 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4510 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4511 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4512 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4513 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4514 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4514/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4515 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4516 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4517 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4517/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4518 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4519 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4519/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4520 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4521 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4522 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7174 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7175 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7176 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7177 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7178 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7179 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7180 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7181 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7182 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7183 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7185 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7186 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7187 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7188 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7189 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7190 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7191 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7192 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7193 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7194 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7195 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7196 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7197 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7198 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7199 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7200 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7201 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7202 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7203 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7204 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7205 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7207 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7208 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7210 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7211 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7212 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7213 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7214 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7215 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7216 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7217 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7218 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7219 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7219/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7220 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7221 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7222 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7223 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7575 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-6354 page",
"url": "https://www.suse.com/security/cve/CVE-2016-6354/"
}
],
"title": "seamonkey-2.40-6.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10218-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "seamonkey-2.40-6.1.aarch64",
"product": {
"name": "seamonkey-2.40-6.1.aarch64",
"product_id": "seamonkey-2.40-6.1.aarch64"
}
},
{
"category": "product_version",
"name": "seamonkey-dom-inspector-2.40-6.1.aarch64",
"product": {
"name": "seamonkey-dom-inspector-2.40-6.1.aarch64",
"product_id": "seamonkey-dom-inspector-2.40-6.1.aarch64"
}
},
{
"category": "product_version",
"name": "seamonkey-irc-2.40-6.1.aarch64",
"product": {
"name": "seamonkey-irc-2.40-6.1.aarch64",
"product_id": "seamonkey-irc-2.40-6.1.aarch64"
}
},
{
"category": "product_version",
"name": "seamonkey-translations-common-2.40-6.1.aarch64",
"product": {
"name": "seamonkey-translations-common-2.40-6.1.aarch64",
"product_id": "seamonkey-translations-common-2.40-6.1.aarch64"
}
},
{
"category": "product_version",
"name": "seamonkey-translations-other-2.40-6.1.aarch64",
"product": {
"name": "seamonkey-translations-other-2.40-6.1.aarch64",
"product_id": "seamonkey-translations-other-2.40-6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "seamonkey-2.40-6.1.ppc64le",
"product": {
"name": "seamonkey-2.40-6.1.ppc64le",
"product_id": "seamonkey-2.40-6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "seamonkey-dom-inspector-2.40-6.1.ppc64le",
"product": {
"name": "seamonkey-dom-inspector-2.40-6.1.ppc64le",
"product_id": "seamonkey-dom-inspector-2.40-6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "seamonkey-irc-2.40-6.1.ppc64le",
"product": {
"name": "seamonkey-irc-2.40-6.1.ppc64le",
"product_id": "seamonkey-irc-2.40-6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "seamonkey-translations-common-2.40-6.1.ppc64le",
"product": {
"name": "seamonkey-translations-common-2.40-6.1.ppc64le",
"product_id": "seamonkey-translations-common-2.40-6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "seamonkey-translations-other-2.40-6.1.ppc64le",
"product": {
"name": "seamonkey-translations-other-2.40-6.1.ppc64le",
"product_id": "seamonkey-translations-other-2.40-6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "seamonkey-2.40-6.1.s390x",
"product": {
"name": "seamonkey-2.40-6.1.s390x",
"product_id": "seamonkey-2.40-6.1.s390x"
}
},
{
"category": "product_version",
"name": "seamonkey-dom-inspector-2.40-6.1.s390x",
"product": {
"name": "seamonkey-dom-inspector-2.40-6.1.s390x",
"product_id": "seamonkey-dom-inspector-2.40-6.1.s390x"
}
},
{
"category": "product_version",
"name": "seamonkey-irc-2.40-6.1.s390x",
"product": {
"name": "seamonkey-irc-2.40-6.1.s390x",
"product_id": "seamonkey-irc-2.40-6.1.s390x"
}
},
{
"category": "product_version",
"name": "seamonkey-translations-common-2.40-6.1.s390x",
"product": {
"name": "seamonkey-translations-common-2.40-6.1.s390x",
"product_id": "seamonkey-translations-common-2.40-6.1.s390x"
}
},
{
"category": "product_version",
"name": "seamonkey-translations-other-2.40-6.1.s390x",
"product": {
"name": "seamonkey-translations-other-2.40-6.1.s390x",
"product_id": "seamonkey-translations-other-2.40-6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "seamonkey-2.40-6.1.x86_64",
"product": {
"name": "seamonkey-2.40-6.1.x86_64",
"product_id": "seamonkey-2.40-6.1.x86_64"
}
},
{
"category": "product_version",
"name": "seamonkey-dom-inspector-2.40-6.1.x86_64",
"product": {
"name": "seamonkey-dom-inspector-2.40-6.1.x86_64",
"product_id": "seamonkey-dom-inspector-2.40-6.1.x86_64"
}
},
{
"category": "product_version",
"name": "seamonkey-irc-2.40-6.1.x86_64",
"product": {
"name": "seamonkey-irc-2.40-6.1.x86_64",
"product_id": "seamonkey-irc-2.40-6.1.x86_64"
}
},
{
"category": "product_version",
"name": "seamonkey-translations-common-2.40-6.1.x86_64",
"product": {
"name": "seamonkey-translations-common-2.40-6.1.x86_64",
"product_id": "seamonkey-translations-common-2.40-6.1.x86_64"
}
},
{
"category": "product_version",
"name": "seamonkey-translations-other-2.40-6.1.x86_64",
"product": {
"name": "seamonkey-translations-other-2.40-6.1.x86_64",
"product_id": "seamonkey-translations-other-2.40-6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-2.40-6.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64"
},
"product_reference": "seamonkey-2.40-6.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-2.40-6.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le"
},
"product_reference": "seamonkey-2.40-6.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-2.40-6.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x"
},
"product_reference": "seamonkey-2.40-6.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-2.40-6.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64"
},
"product_reference": "seamonkey-2.40-6.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-dom-inspector-2.40-6.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64"
},
"product_reference": "seamonkey-dom-inspector-2.40-6.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-dom-inspector-2.40-6.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le"
},
"product_reference": "seamonkey-dom-inspector-2.40-6.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-dom-inspector-2.40-6.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x"
},
"product_reference": "seamonkey-dom-inspector-2.40-6.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-dom-inspector-2.40-6.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64"
},
"product_reference": "seamonkey-dom-inspector-2.40-6.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-irc-2.40-6.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64"
},
"product_reference": "seamonkey-irc-2.40-6.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-irc-2.40-6.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le"
},
"product_reference": "seamonkey-irc-2.40-6.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-irc-2.40-6.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x"
},
"product_reference": "seamonkey-irc-2.40-6.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-irc-2.40-6.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64"
},
"product_reference": "seamonkey-irc-2.40-6.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-translations-common-2.40-6.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64"
},
"product_reference": "seamonkey-translations-common-2.40-6.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-translations-common-2.40-6.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le"
},
"product_reference": "seamonkey-translations-common-2.40-6.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-translations-common-2.40-6.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x"
},
"product_reference": "seamonkey-translations-common-2.40-6.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-translations-common-2.40-6.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64"
},
"product_reference": "seamonkey-translations-common-2.40-6.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-translations-other-2.40-6.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64"
},
"product_reference": "seamonkey-translations-other-2.40-6.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-translations-other-2.40-6.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le"
},
"product_reference": "seamonkey-translations-other-2.40-6.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-translations-other-2.40-6.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x"
},
"product_reference": "seamonkey-translations-other-2.40-6.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "seamonkey-translations-other-2.40-6.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
},
"product_reference": "seamonkey-translations-other-2.40-6.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-5913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2008-5913"
}
],
"notes": [
{
"category": "general",
"text": "The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a \"temporary footprint\" and an \"in-session phishing attack.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2008-5913",
"url": "https://www.suse.com/security/cve/CVE-2008-5913"
},
{
"category": "external",
"summary": "SUSE Bug 468762 for CVE-2008-5913",
"url": "https://bugzilla.suse.com/468762"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2008-5913",
"url": "https://bugzilla.suse.com/603356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2008-5913"
},
{
"cve": "CVE-2009-0040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0040"
}
],
"notes": [
{
"category": "general",
"text": "The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0040",
"url": "https://www.suse.com/security/cve/CVE-2009-0040"
},
{
"category": "external",
"summary": "SUSE Bug 472745 for CVE-2009-0040",
"url": "https://bugzilla.suse.com/472745"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0040",
"url": "https://bugzilla.suse.com/478625"
},
{
"category": "external",
"summary": "SUSE Bug 608040 for CVE-2009-0040",
"url": "https://bugzilla.suse.com/608040"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-0040"
},
{
"cve": "CVE-2009-0771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0771"
}
],
"notes": [
{
"category": "general",
"text": "The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0771",
"url": "https://www.suse.com/security/cve/CVE-2009-0771"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0771",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-0771"
},
{
"cve": "CVE-2009-0772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0772"
}
],
"notes": [
{
"category": "general",
"text": "The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0772",
"url": "https://www.suse.com/security/cve/CVE-2009-0772"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0772",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-0772"
},
{
"cve": "CVE-2009-0773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0773"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains \"some non-set elements,\" which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0773",
"url": "https://www.suse.com/security/cve/CVE-2009-0773"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0773",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-0773"
},
{
"cve": "CVE-2009-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0774"
}
],
"notes": [
{
"category": "general",
"text": "The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0774",
"url": "https://www.suse.com/security/cve/CVE-2009-0774"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0774",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-0774"
},
{
"cve": "CVE-2009-0776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0776"
}
],
"notes": [
{
"category": "general",
"text": "nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0776",
"url": "https://www.suse.com/security/cve/CVE-2009-0776"
},
{
"category": "external",
"summary": "SUSE Bug 465291 for CVE-2009-0776",
"url": "https://bugzilla.suse.com/465291"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0776",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2009-0776"
},
{
"cve": "CVE-2009-1044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1044"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the _moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1044",
"url": "https://www.suse.com/security/cve/CVE-2009-1044"
},
{
"category": "external",
"summary": "SUSE Bug 465291 for CVE-2009-1044",
"url": "https://bugzilla.suse.com/465291"
},
{
"category": "external",
"summary": "SUSE Bug 488955 for CVE-2009-1044",
"url": "https://bugzilla.suse.com/488955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-1044"
},
{
"cve": "CVE-2009-1169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1169"
}
],
"notes": [
{
"category": "general",
"text": "The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1169",
"url": "https://www.suse.com/security/cve/CVE-2009-1169"
},
{
"category": "external",
"summary": "SUSE Bug 488955 for CVE-2009-1169",
"url": "https://bugzilla.suse.com/488955"
},
{
"category": "external",
"summary": "SUSE Bug 509766 for CVE-2009-1169",
"url": "https://bugzilla.suse.com/509766"
},
{
"category": "external",
"summary": "SUSE Bug 510964 for CVE-2009-1169",
"url": "https://bugzilla.suse.com/510964"
},
{
"category": "external",
"summary": "SUSE Bug 515951 for CVE-2009-1169",
"url": "https://bugzilla.suse.com/515951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-1169"
},
{
"cve": "CVE-2009-1571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1571"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1571",
"url": "https://www.suse.com/security/cve/CVE-2009-1571"
},
{
"category": "external",
"summary": "SUSE Bug 576969 for CVE-2009-1571",
"url": "https://bugzilla.suse.com/576969"
},
{
"category": "external",
"summary": "SUSE Bug 581160 for CVE-2009-1571",
"url": "https://bugzilla.suse.com/581160"
},
{
"category": "external",
"summary": "SUSE Bug 584499 for CVE-2009-1571",
"url": "https://bugzilla.suse.com/584499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-1571"
},
{
"cve": "CVE-2009-3388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3388"
}
],
"notes": [
{
"category": "general",
"text": "liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 might allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to \"memory safety issues.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3388",
"url": "https://www.suse.com/security/cve/CVE-2009-3388"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3388",
"url": "https://bugzilla.suse.com/559807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3388"
},
{
"cve": "CVE-2009-3389",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3389"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3389",
"url": "https://www.suse.com/security/cve/CVE-2009-3389"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3389",
"url": "https://bugzilla.suse.com/559807"
},
{
"category": "external",
"summary": "SUSE Bug 581722 for CVE-2009-3389",
"url": "https://bugzilla.suse.com/581722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3389"
},
{
"cve": "CVE-2009-3555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3555"
}
],
"notes": [
{
"category": "general",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3555",
"url": "https://www.suse.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "SUSE Bug 1077582 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/1077582"
},
{
"category": "external",
"summary": "SUSE Bug 459468 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/459468"
},
{
"category": "external",
"summary": "SUSE Bug 552497 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/552497"
},
{
"category": "external",
"summary": "SUSE Bug 553641 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/553641"
},
{
"category": "external",
"summary": "SUSE Bug 554069 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/554069"
},
{
"category": "external",
"summary": "SUSE Bug 554084 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/554084"
},
{
"category": "external",
"summary": "SUSE Bug 554085 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/554085"
},
{
"category": "external",
"summary": "SUSE Bug 555177 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/555177"
},
{
"category": "external",
"summary": "SUSE Bug 557168 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/557168"
},
{
"category": "external",
"summary": "SUSE Bug 564507 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/564507"
},
{
"category": "external",
"summary": "SUSE Bug 566041 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/566041"
},
{
"category": "external",
"summary": "SUSE Bug 584292 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/584292"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/586567"
},
{
"category": "external",
"summary": "SUSE Bug 588996 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/588996"
},
{
"category": "external",
"summary": "SUSE Bug 590826 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/590826"
},
{
"category": "external",
"summary": "SUSE Bug 592589 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/592589"
},
{
"category": "external",
"summary": "SUSE Bug 594415 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/594415"
},
{
"category": "external",
"summary": "SUSE Bug 604782 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/604782"
},
{
"category": "external",
"summary": "SUSE Bug 614753 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/614753"
},
{
"category": "external",
"summary": "SUSE Bug 622073 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/622073"
},
{
"category": "external",
"summary": "SUSE Bug 623905 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/623905"
},
{
"category": "external",
"summary": "SUSE Bug 629905 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/629905"
},
{
"category": "external",
"summary": "SUSE Bug 642531 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/642531"
},
{
"category": "external",
"summary": "SUSE Bug 646073 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/646073"
},
{
"category": "external",
"summary": "SUSE Bug 646906 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/646906"
},
{
"category": "external",
"summary": "SUSE Bug 648140 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/648140"
},
{
"category": "external",
"summary": "SUSE Bug 648950 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/648950"
},
{
"category": "external",
"summary": "SUSE Bug 659926 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/659926"
},
{
"category": "external",
"summary": "SUSE Bug 670152 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/670152"
},
{
"category": "external",
"summary": "SUSE Bug 704832 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/704832"
},
{
"category": "external",
"summary": "SUSE Bug 728876 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/728876"
},
{
"category": "external",
"summary": "SUSE Bug 729181 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/729181"
},
{
"category": "external",
"summary": "SUSE Bug 753357 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/753357"
},
{
"category": "external",
"summary": "SUSE Bug 791794 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/791794"
},
{
"category": "external",
"summary": "SUSE Bug 799454 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/799454"
},
{
"category": "external",
"summary": "SUSE Bug 815621 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/815621"
},
{
"category": "external",
"summary": "SUSE Bug 905347 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/905347"
},
{
"category": "external",
"summary": "SUSE Bug 979060 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/979060"
},
{
"category": "external",
"summary": "SUSE Bug 986238 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/986238"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3555"
},
{
"cve": "CVE-2009-3979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3979"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3979",
"url": "https://www.suse.com/security/cve/CVE-2009-3979"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3979",
"url": "https://bugzilla.suse.com/559807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3979"
},
{
"cve": "CVE-2009-3980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3980"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3980",
"url": "https://www.suse.com/security/cve/CVE-2009-3980"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3980",
"url": "https://bugzilla.suse.com/559807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3980"
},
{
"cve": "CVE-2009-3982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3982"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3982",
"url": "https://www.suse.com/security/cve/CVE-2009-3982"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3982",
"url": "https://bugzilla.suse.com/559807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3982"
},
{
"cve": "CVE-2009-3983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3983"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3983",
"url": "https://www.suse.com/security/cve/CVE-2009-3983"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3983",
"url": "https://bugzilla.suse.com/559807"
},
{
"category": "external",
"summary": "SUSE Bug 590499 for CVE-2009-3983",
"url": "https://bugzilla.suse.com/590499"
},
{
"category": "external",
"summary": "SUSE Bug 607935 for CVE-2009-3983",
"url": "https://bugzilla.suse.com/607935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3983"
},
{
"cve": "CVE-2009-3984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3984"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3984",
"url": "https://www.suse.com/security/cve/CVE-2009-3984"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3984",
"url": "https://bugzilla.suse.com/559807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3984"
},
{
"cve": "CVE-2009-3985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3985"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3985",
"url": "https://www.suse.com/security/cve/CVE-2009-3985"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3985",
"url": "https://bugzilla.suse.com/559807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3985"
},
{
"cve": "CVE-2009-3988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3988"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via crafted dialogArguments values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3988",
"url": "https://www.suse.com/security/cve/CVE-2009-3988"
},
{
"category": "external",
"summary": "SUSE Bug 576969 for CVE-2009-3988",
"url": "https://bugzilla.suse.com/576969"
},
{
"category": "external",
"summary": "SUSE Bug 581160 for CVE-2009-3988",
"url": "https://bugzilla.suse.com/581160"
},
{
"category": "external",
"summary": "SUSE Bug 584499 for CVE-2009-3988",
"url": "https://bugzilla.suse.com/584499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3988"
},
{
"cve": "CVE-2010-0159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0159"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0159",
"url": "https://www.suse.com/security/cve/CVE-2010-0159"
},
{
"category": "external",
"summary": "SUSE Bug 576969 for CVE-2010-0159",
"url": "https://bugzilla.suse.com/576969"
},
{
"category": "external",
"summary": "SUSE Bug 581160 for CVE-2010-0159",
"url": "https://bugzilla.suse.com/581160"
},
{
"category": "external",
"summary": "SUSE Bug 584499 for CVE-2010-0159",
"url": "https://bugzilla.suse.com/584499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0159"
},
{
"cve": "CVE-2010-0160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0160"
}
],
"notes": [
{
"category": "general",
"text": "The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0160",
"url": "https://www.suse.com/security/cve/CVE-2010-0160"
},
{
"category": "external",
"summary": "SUSE Bug 576969 for CVE-2010-0160",
"url": "https://bugzilla.suse.com/576969"
},
{
"category": "external",
"summary": "SUSE Bug 581160 for CVE-2010-0160",
"url": "https://bugzilla.suse.com/581160"
},
{
"category": "external",
"summary": "SUSE Bug 584499 for CVE-2010-0160",
"url": "https://bugzilla.suse.com/584499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0160"
},
{
"cve": "CVE-2010-0162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0162"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly support the application/octet-stream content type as a protection mechanism against execution of web script in certain circumstances involving SVG and the EMBED element, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via an embedded SVG document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0162",
"url": "https://www.suse.com/security/cve/CVE-2010-0162"
},
{
"category": "external",
"summary": "SUSE Bug 576969 for CVE-2010-0162",
"url": "https://bugzilla.suse.com/576969"
},
{
"category": "external",
"summary": "SUSE Bug 581160 for CVE-2010-0162",
"url": "https://bugzilla.suse.com/581160"
},
{
"category": "external",
"summary": "SUSE Bug 584499 for CVE-2010-0162",
"url": "https://bugzilla.suse.com/584499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0162"
},
{
"cve": "CVE-2010-0173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0173"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0173",
"url": "https://www.suse.com/security/cve/CVE-2010-0173"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0173",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0173"
},
{
"cve": "CVE-2010-0174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0174"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0174",
"url": "https://www.suse.com/security/cve/CVE-2010-0174"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0174",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0174"
},
{
"cve": "CVE-2010-0175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0175"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0175",
"url": "https://www.suse.com/security/cve/CVE-2010-0175"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0175",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0175"
},
{
"cve": "CVE-2010-0176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0176"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a \"dangling pointer vulnerability.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0176",
"url": "https://www.suse.com/security/cve/CVE-2010-0176"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0176",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0176"
},
{
"cve": "CVE-2010-0177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0177"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a \"dangling pointer vulnerability.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0177",
"url": "https://www.suse.com/security/cve/CVE-2010-0177"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0177",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0177"
},
{
"cve": "CVE-2010-0178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0178"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0178",
"url": "https://www.suse.com/security/cve/CVE-2010-0178"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0178",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2010-0178"
},
{
"cve": "CVE-2010-0179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0179"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0179",
"url": "https://www.suse.com/security/cve/CVE-2010-0179"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0179",
"url": "https://bugzilla.suse.com/586567"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-0179",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0179"
},
{
"cve": "CVE-2010-0181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0181"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0181",
"url": "https://www.suse.com/security/cve/CVE-2010-0181"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0181",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0181"
},
{
"cve": "CVE-2010-0182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0182"
}
],
"notes": [
{
"category": "general",
"text": "The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0182",
"url": "https://www.suse.com/security/cve/CVE-2010-0182"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0182",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0182"
},
{
"cve": "CVE-2010-0183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0183"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame construction process for menus.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0183",
"url": "https://www.suse.com/security/cve/CVE-2010-0183"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-0183",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-0183",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0183"
},
{
"cve": "CVE-2010-0654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0654"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0654",
"url": "https://www.suse.com/security/cve/CVE-2010-0654"
},
{
"category": "external",
"summary": "SUSE Bug 583603 for CVE-2010-0654",
"url": "https://bugzilla.suse.com/583603"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-0654",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0654"
},
{
"cve": "CVE-2010-1121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1121"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1121",
"url": "https://www.suse.com/security/cve/CVE-2010-1121"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1121",
"url": "https://bugzilla.suse.com/603356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1121"
},
{
"cve": "CVE-2010-1125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1125"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1125",
"url": "https://www.suse.com/security/cve/CVE-2010-1125"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1125",
"url": "https://bugzilla.suse.com/603356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1125"
},
{
"cve": "CVE-2010-1196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1196"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1196",
"url": "https://www.suse.com/security/cve/CVE-2010-1196"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1196",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1196",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1196"
},
{
"cve": "CVE-2010-1197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1197"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both \"Content-Disposition: attachment\" and \"Content-Type: multipart\" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1197",
"url": "https://www.suse.com/security/cve/CVE-2010-1197"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1197",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1197",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1197"
},
{
"cve": "CVE-2010-1198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1198"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1198",
"url": "https://www.suse.com/security/cve/CVE-2010-1198"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1198",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1198",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1198"
},
{
"cve": "CVE-2010-1199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1199"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1199",
"url": "https://www.suse.com/security/cve/CVE-2010-1199"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1199",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1199",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1199"
},
{
"cve": "CVE-2010-1200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1200"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1200",
"url": "https://www.suse.com/security/cve/CVE-2010-1200"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1200",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1200",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1200"
},
{
"cve": "CVE-2010-1201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1201"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1201",
"url": "https://www.suse.com/security/cve/CVE-2010-1201"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1201",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1201",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1201"
},
{
"cve": "CVE-2010-1202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1202"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1202",
"url": "https://www.suse.com/security/cve/CVE-2010-1202"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1202",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1202",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1202"
},
{
"cve": "CVE-2010-1203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1203"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1203",
"url": "https://www.suse.com/security/cve/CVE-2010-1203"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1203",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1203",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1203"
},
{
"cve": "CVE-2010-1205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1205"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1205",
"url": "https://www.suse.com/security/cve/CVE-2010-1205"
},
{
"category": "external",
"summary": "SUSE Bug 1188284 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/1188284"
},
{
"category": "external",
"summary": "SUSE Bug 617866 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/617866"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/622506"
},
{
"category": "external",
"summary": "SUSE Bug 639941 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/639941"
},
{
"category": "external",
"summary": "SUSE Bug 854395 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/854395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1205"
},
{
"cve": "CVE-2010-1206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1206"
}
],
"notes": [
{
"category": "general",
"text": "The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a document that is currently loading, which allows (1) remote web servers to conduct spoofing attacks via vectors involving a 204 (aka No Content) status code, and allows (2) remote attackers to conduct spoofing attacks via vectors involving a window.stop call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1206",
"url": "https://www.suse.com/security/cve/CVE-2010-1206"
},
{
"category": "external",
"summary": "SUSE Bug 618183 for CVE-2010-1206",
"url": "https://bugzilla.suse.com/618183"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1206",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1206"
},
{
"cve": "CVE-2010-1208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1208"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node with a nonzero reference count.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1208",
"url": "https://www.suse.com/security/cve/CVE-2010-1208"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1208",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1208"
},
{
"cve": "CVE-2010-1209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1209"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to the NodeIterator interface and a javascript callback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1209",
"url": "https://www.suse.com/security/cve/CVE-2010-1209"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1209",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1209"
},
{
"cve": "CVE-2010-1211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1211"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1211",
"url": "https://www.suse.com/security/cve/CVE-2010-1211"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1211",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1211"
},
{
"cve": "CVE-2010-1212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1212"
}
],
"notes": [
{
"category": "general",
"text": "js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) propagation of deep aborts in the TraceRecorder::record_JSOP_BINDNAME function, (2) depth handling in the TraceRecorder::record_JSOP_GETELEM function, and (3) tracing of out-of-range arguments in the TraceRecorder::record_JSOP_ARGSUB function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1212",
"url": "https://www.suse.com/security/cve/CVE-2010-1212"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1212",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1212"
},
{
"cve": "CVE-2010-1213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1213"
}
],
"notes": [
{
"category": "general",
"text": "The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1213",
"url": "https://www.suse.com/security/cve/CVE-2010-1213"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1213",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1213"
},
{
"cve": "CVE-2010-1214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1214"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1214",
"url": "https://www.suse.com/security/cve/CVE-2010-1214"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1214",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1214"
},
{
"cve": "CVE-2010-1585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1585"
}
],
"notes": [
{
"category": "general",
"text": "The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1585",
"url": "https://www.suse.com/security/cve/CVE-2010-1585"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2010-1585",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2010-1585",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1585"
},
{
"cve": "CVE-2010-2751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2751"
}
],
"notes": [
{
"category": "general",
"text": "The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to spoof the SSL security status of a document via vectors involving multiple requests, a redirect, and the history.back and history.forward JavaScript functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2751",
"url": "https://www.suse.com/security/cve/CVE-2010-2751"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-2751",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2010-2751"
},
{
"cve": "CVE-2010-2752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2752"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2752",
"url": "https://www.suse.com/security/cve/CVE-2010-2752"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-2752",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2752"
},
{
"cve": "CVE-2010-2753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2753"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2753",
"url": "https://www.suse.com/security/cve/CVE-2010-2753"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-2753",
"url": "https://bugzilla.suse.com/622506"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2753",
"url": "https://bugzilla.suse.com/637303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2753"
},
{
"cve": "CVE-2010-2754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2754"
}
],
"notes": [
{
"category": "general",
"text": "dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script\u0027s URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2754",
"url": "https://www.suse.com/security/cve/CVE-2010-2754"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-2754",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-2754"
},
{
"cve": "CVE-2010-2760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2760"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a \"dangling pointer vulnerability.\" NOTE: this issue exists because of an incomplete fix for CVE-2010-2753.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2760",
"url": "https://www.suse.com/security/cve/CVE-2010-2760"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2760",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2760",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2760"
},
{
"cve": "CVE-2010-2763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2763"
}
],
"notes": [
{
"category": "general",
"text": "The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox before 3.5.12, Thunderbird before 3.0.7, and SeaMonkey before 2.0.7 does not properly restrict scripted functions, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2763",
"url": "https://www.suse.com/security/cve/CVE-2010-2763"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2763",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2763",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2763"
},
{
"cve": "CVE-2010-2764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2764"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2764",
"url": "https://www.suse.com/security/cve/CVE-2010-2764"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2764",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2764",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2764"
},
{
"cve": "CVE-2010-2765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2765"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols (aka columns) attribute, leading to a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2765",
"url": "https://www.suse.com/security/cve/CVE-2010-2765"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2765",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2765",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2765"
},
{
"cve": "CVE-2010-2766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2766"
}
],
"notes": [
{
"category": "general",
"text": "The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code via vectors involving access to a deleted object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2766",
"url": "https://www.suse.com/security/cve/CVE-2010-2766"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2766",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2766",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2766"
},
{
"cve": "CVE-2010-2767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2767"
}
],
"notes": [
{
"category": "general",
"text": "The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a \"dangling pointer vulnerability.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2767",
"url": "https://www.suse.com/security/cve/CVE-2010-2767"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2767",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2767",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2767"
},
{
"cve": "CVE-2010-2768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2768"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document\u0027s charset, which allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms via UTF-7 encoding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2768",
"url": "https://www.suse.com/security/cve/CVE-2010-2768"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2768",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2768",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2768"
},
{
"cve": "CVE-2010-2769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2769"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2769",
"url": "https://www.suse.com/security/cve/CVE-2010-2769"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2769",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2769",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2769"
},
{
"cve": "CVE-2010-3166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3166"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3166",
"url": "https://www.suse.com/security/cve/CVE-2010-3166"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-3166",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-3166",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3166"
},
{
"cve": "CVE-2010-3167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3167"
}
],
"notes": [
{
"category": "general",
"text": "The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a \"dangling pointer vulnerability.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3167",
"url": "https://www.suse.com/security/cve/CVE-2010-3167"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-3167",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-3167",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3167"
},
{
"cve": "CVE-2010-3168",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3168"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3168",
"url": "https://www.suse.com/security/cve/CVE-2010-3168"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-3168",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-3168",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3168"
},
{
"cve": "CVE-2010-3169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3169"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3169",
"url": "https://www.suse.com/security/cve/CVE-2010-3169"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-3169",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-3169",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3169"
},
{
"cve": "CVE-2010-3170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3170"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject\u0027s Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3170",
"url": "https://www.suse.com/security/cve/CVE-2010-3170"
},
{
"category": "external",
"summary": "SUSE Bug 637290 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/637290"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/652858"
},
{
"category": "external",
"summary": "SUSE Bug 868629 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/868629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3170"
},
{
"cve": "CVE-2010-3173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3173"
}
],
"notes": [
{
"category": "general",
"text": "The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3173",
"url": "https://www.suse.com/security/cve/CVE-2010-3173"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3173",
"url": "https://bugzilla.suse.com/645315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2010-3173"
},
{
"cve": "CVE-2010-3174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3174"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3174",
"url": "https://www.suse.com/security/cve/CVE-2010-3174"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3174",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3174",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3174"
},
{
"cve": "CVE-2010-3175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3175"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3175",
"url": "https://www.suse.com/security/cve/CVE-2010-3175"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3175",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3175",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3175"
},
{
"cve": "CVE-2010-3176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3176"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3176",
"url": "https://www.suse.com/security/cve/CVE-2010-3176"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3176",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3176",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3176"
},
{
"cve": "CVE-2010-3177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3177"
}
],
"notes": [
{
"category": "general",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3177",
"url": "https://www.suse.com/security/cve/CVE-2010-3177"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3177",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3177",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3177"
},
{
"cve": "CVE-2010-3178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3178"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3178",
"url": "https://www.suse.com/security/cve/CVE-2010-3178"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3178",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3178",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3178"
},
{
"cve": "CVE-2010-3179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3179"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3179",
"url": "https://www.suse.com/security/cve/CVE-2010-3179"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3179",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3179",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3179"
},
{
"cve": "CVE-2010-3180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3180"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3180",
"url": "https://www.suse.com/security/cve/CVE-2010-3180"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3180",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3180",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3180"
},
{
"cve": "CVE-2010-3182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3182"
}
],
"notes": [
{
"category": "general",
"text": "A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3182",
"url": "https://www.suse.com/security/cve/CVE-2010-3182"
},
{
"category": "external",
"summary": "SUSE Bug 642502 for CVE-2010-3182",
"url": "https://bugzilla.suse.com/642502"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3182",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3182",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3182"
},
{
"cve": "CVE-2010-3183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3183"
}
],
"notes": [
{
"category": "general",
"text": "The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a \"dangling pointer\" and the JS_ValueToId function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3183",
"url": "https://www.suse.com/security/cve/CVE-2010-3183"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3183",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3183",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3183"
},
{
"cve": "CVE-2010-3765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3765"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3765",
"url": "https://www.suse.com/security/cve/CVE-2010-3765"
},
{
"category": "external",
"summary": "SUSE Bug 649492 for CVE-2010-3765",
"url": "https://bugzilla.suse.com/649492"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3765",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3765"
},
{
"cve": "CVE-2010-3766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3766"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3766",
"url": "https://www.suse.com/security/cve/CVE-2010-3766"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3766",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3766"
},
{
"cve": "CVE-2010-3767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3767"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3767",
"url": "https://www.suse.com/security/cve/CVE-2010-3767"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3767",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3767"
},
{
"cve": "CVE-2010-3768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3768"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system\u0027s font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3768",
"url": "https://www.suse.com/security/cve/CVE-2010-3768"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3768",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3768"
},
{
"cve": "CVE-2010-3769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3769"
}
],
"notes": [
{
"category": "general",
"text": "The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3769",
"url": "https://www.suse.com/security/cve/CVE-2010-3769"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3769",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3769"
},
{
"cve": "CVE-2010-3770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3770"
}
],
"notes": [
{
"category": "general",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in the rendering engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allow remote attackers to inject arbitrary web script or HTML via (1) x-mac-arabic, (2) x-mac-farsi, or (3) x-mac-hebrew characters that may be converted to angle brackets during rendering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3770",
"url": "https://www.suse.com/security/cve/CVE-2010-3770"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3770",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3770"
},
{
"cve": "CVE-2010-3771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3771"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3771",
"url": "https://www.suse.com/security/cve/CVE-2010-3771"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3771",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3771"
},
{
"cve": "CVE-2010-3772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3772"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3772",
"url": "https://www.suse.com/security/cve/CVE-2010-3772"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3772",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3772"
},
{
"cve": "CVE-2010-3773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3773"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0179.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3773",
"url": "https://www.suse.com/security/cve/CVE-2010-3773"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3773",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3773"
},
{
"cve": "CVE-2010-3775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3775"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote attackers to start processes, read arbitrary local files, and establish network connections via vectors involving a refresh value in the http-equiv attribute of a META element, which causes the wrong security principal to be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3775",
"url": "https://www.suse.com/security/cve/CVE-2010-3775"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3775",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3775"
},
{
"cve": "CVE-2010-3776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3776"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3776",
"url": "https://www.suse.com/security/cve/CVE-2010-3776"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3776",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3776"
},
{
"cve": "CVE-2010-3777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3777"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3777",
"url": "https://www.suse.com/security/cve/CVE-2010-3777"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3777",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3777"
},
{
"cve": "CVE-2010-3778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3778"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, Thunderbird before 3.0.11, and SeaMonkey before 2.0.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3778",
"url": "https://www.suse.com/security/cve/CVE-2010-3778"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3778",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3778"
},
{
"cve": "CVE-2011-0051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0051"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0051",
"url": "https://www.suse.com/security/cve/CVE-2011-0051"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2011-0051",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2011-0051",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-0051"
},
{
"cve": "CVE-2011-0053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0053"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0053",
"url": "https://www.suse.com/security/cve/CVE-2011-0053"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2011-0053",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2011-0053",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0053"
},
{
"cve": "CVE-2011-0054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0054"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving non-local JavaScript variables, aka an \"upvarMap\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0054",
"url": "https://www.suse.com/security/cve/CVE-2011-0054"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2011-0054",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2011-0054",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0054"
},
{
"cve": "CVE-2011-0055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0055"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to the js_HasOwnProperty function and garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0055",
"url": "https://www.suse.com/security/cve/CVE-2011-0055"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2011-0055",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2011-0055",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0055"
},
{
"cve": "CVE-2011-0056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0056"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving exception timing and a large number of string values, aka an \"atom map\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0056",
"url": "https://www.suse.com/security/cve/CVE-2011-0056"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2011-0056",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2011-0056",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0056"
},
{
"cve": "CVE-2011-0057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0057"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0057",
"url": "https://www.suse.com/security/cve/CVE-2011-0057"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2011-0057",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2011-0057",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0057"
},
{
"cve": "CVE-2011-0059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0059"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0059",
"url": "https://www.suse.com/security/cve/CVE-2011-0059"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2011-0059",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2011-0059",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-0059"
},
{
"cve": "CVE-2011-0061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0061"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0061",
"url": "https://www.suse.com/security/cve/CVE-2011-0061"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2011-0061",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2011-0061",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0061"
},
{
"cve": "CVE-2011-0062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0062"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0062",
"url": "https://www.suse.com/security/cve/CVE-2011-0062"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2011-0062",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2011-0062",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0062"
},
{
"cve": "CVE-2011-0084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0084"
}
],
"notes": [
{
"category": "general",
"text": "The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a \"dangling pointer.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0084",
"url": "https://www.suse.com/security/cve/CVE-2011-0084"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-0084",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0084"
},
{
"cve": "CVE-2011-1187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-1187"
}
],
"notes": [
{
"category": "general",
"text": "Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an \"error message leak.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-1187",
"url": "https://www.suse.com/security/cve/CVE-2011-1187"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2011-1187",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-1187"
},
{
"cve": "CVE-2011-2366",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2366"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2366",
"url": "https://www.suse.com/security/cve/CVE-2011-2366"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2366",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2366"
},
{
"cve": "CVE-2011-2367",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2367"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service (application crash), via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2367",
"url": "https://www.suse.com/security/cve/CVE-2011-2367"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2367",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2367"
},
{
"cve": "CVE-2011-2368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2368"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2368",
"url": "https://www.suse.com/security/cve/CVE-2011-2368"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2368",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2368"
},
{
"cve": "CVE-2011-2369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2369"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 4.0.1 allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2369",
"url": "https://www.suse.com/security/cve/CVE-2011-2369"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2369",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2369"
},
{
"cve": "CVE-2011-2370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2370"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 5.0 does not properly enforce the whitelist for the xpinstall functionality, which allows remote attackers to trigger an installation dialog for a (1) add-on or (2) theme via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2370",
"url": "https://www.suse.com/security/cve/CVE-2011-2370"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2370",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2370"
},
{
"cve": "CVE-2011-2371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2371"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2371",
"url": "https://www.suse.com/security/cve/CVE-2011-2371"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2371",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2371"
},
{
"cve": "CVE-2011-2372",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2372"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2372",
"url": "https://www.suse.com/security/cve/CVE-2011-2372"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-2372",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2372"
},
{
"cve": "CVE-2011-2373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2373"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2373",
"url": "https://www.suse.com/security/cve/CVE-2011-2373"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2373",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-2373"
},
{
"cve": "CVE-2011-2374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2374"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2374",
"url": "https://www.suse.com/security/cve/CVE-2011-2374"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2374",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2374"
},
{
"cve": "CVE-2011-2375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2375"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 5.0 and Thunderbird through 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2375",
"url": "https://www.suse.com/security/cve/CVE-2011-2375"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2375",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2375"
},
{
"cve": "CVE-2011-2377",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2377"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2377",
"url": "https://www.suse.com/security/cve/CVE-2011-2377"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2377",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2377"
},
{
"cve": "CVE-2011-2985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2985"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2985",
"url": "https://www.suse.com/security/cve/CVE-2011-2985"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2985",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2985"
},
{
"cve": "CVE-2011-2986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2986"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2986",
"url": "https://www.suse.com/security/cve/CVE-2011-2986"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2986",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2986"
},
{
"cve": "CVE-2011-2988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2988"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2988",
"url": "https://www.suse.com/security/cve/CVE-2011-2988"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2988",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2988"
},
{
"cve": "CVE-2011-2989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2989"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2989",
"url": "https://www.suse.com/security/cve/CVE-2011-2989"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2989",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2989"
},
{
"cve": "CVE-2011-2990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2990"
}
],
"notes": [
{
"category": "general",
"text": "The implementation of Content Security Policy (CSP) violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which allows attackers to obtain sensitive information by reading a report, related to incorrect host resolution that occurs with certain redirects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2990",
"url": "https://www.suse.com/security/cve/CVE-2011-2990"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2990",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2990"
},
{
"cve": "CVE-2011-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2991"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2991",
"url": "https://www.suse.com/security/cve/CVE-2011-2991"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2991",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2991"
},
{
"cve": "CVE-2011-2992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2992"
}
],
"notes": [
{
"category": "general",
"text": "The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2992",
"url": "https://www.suse.com/security/cve/CVE-2011-2992"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2992",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2992"
},
{
"cve": "CVE-2011-2993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2993"
}
],
"notes": [
{
"category": "general",
"text": "The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges via a crafted web site, a different vulnerability than CVE-2008-2801.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2993",
"url": "https://www.suse.com/security/cve/CVE-2011-2993"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2993",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2993"
},
{
"cve": "CVE-2011-2995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2995"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2995",
"url": "https://www.suse.com/security/cve/CVE-2011-2995"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-2995",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2995"
},
{
"cve": "CVE-2011-2996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2996"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2996",
"url": "https://www.suse.com/security/cve/CVE-2011-2996"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-2996",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2996"
},
{
"cve": "CVE-2011-2997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2997"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2997",
"url": "https://www.suse.com/security/cve/CVE-2011-2997"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-2997",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2997"
},
{
"cve": "CVE-2011-3000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3000"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3000",
"url": "https://www.suse.com/security/cve/CVE-2011-3000"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3000",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3000"
},
{
"cve": "CVE-2011-3001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3001"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3001",
"url": "https://www.suse.com/security/cve/CVE-2011-3001"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3001",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3001"
},
{
"cve": "CVE-2011-3002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3002"
}
],
"notes": [
{
"category": "general",
"text": "Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a memory-allocation error and a resulting buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3002",
"url": "https://www.suse.com/security/cve/CVE-2011-3002"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3002",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3002"
},
{
"cve": "CVE-2011-3003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3003"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-of-bounds write operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3003",
"url": "https://www.suse.com/security/cve/CVE-2011-3003"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3003",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3003"
},
{
"cve": "CVE-2011-3004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3004"
}
],
"notes": [
{
"category": "general",
"text": "The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey before 2.4 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3004",
"url": "https://www.suse.com/security/cve/CVE-2011-3004"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3004",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3004"
},
{
"cve": "CVE-2011-3005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3005"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3005",
"url": "https://www.suse.com/security/cve/CVE-2011-3005"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3005",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3005"
},
{
"cve": "CVE-2011-3026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3026"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3026",
"url": "https://www.suse.com/security/cve/CVE-2011-3026"
},
{
"category": "external",
"summary": "SUSE Bug 747311 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/747311"
},
{
"category": "external",
"summary": "SUSE Bug 747327 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/747327"
},
{
"category": "external",
"summary": "SUSE Bug 747328 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/747328"
},
{
"category": "external",
"summary": "SUSE Bug 773612 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/773612"
},
{
"category": "external",
"summary": "SUSE Bug 854395 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/854395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-3026"
},
{
"cve": "CVE-2011-3062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3062"
}
],
"notes": [
{
"category": "general",
"text": "Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3062",
"url": "https://www.suse.com/security/cve/CVE-2011-3062"
},
{
"category": "external",
"summary": "SUSE Bug 754458 for CVE-2011-3062",
"url": "https://bugzilla.suse.com/754458"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2011-3062",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3062"
},
{
"cve": "CVE-2011-3101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3101"
}
],
"notes": [
{
"category": "general",
"text": "Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3101",
"url": "https://www.suse.com/security/cve/CVE-2011-3101"
},
{
"category": "external",
"summary": "SUSE Bug 762481 for CVE-2011-3101",
"url": "https://bugzilla.suse.com/762481"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2011-3101",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3101"
},
{
"cve": "CVE-2011-3232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3232"
}
],
"notes": [
{
"category": "general",
"text": "YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, and SeaMonkey before 2.4, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3232",
"url": "https://www.suse.com/security/cve/CVE-2011-3232"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3232",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3232"
},
{
"cve": "CVE-2011-3648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3648"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3648",
"url": "https://www.suse.com/security/cve/CVE-2011-3648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3648"
},
{
"cve": "CVE-2011-3650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3650"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3650",
"url": "https://www.suse.com/security/cve/CVE-2011-3650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3650"
},
{
"cve": "CVE-2011-3651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3651"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3651",
"url": "https://www.suse.com/security/cve/CVE-2011-3651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3651"
},
{
"cve": "CVE-2011-3652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3652"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3652",
"url": "https://www.suse.com/security/cve/CVE-2011-3652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3652"
},
{
"cve": "CVE-2011-3654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3654"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3654",
"url": "https://www.suse.com/security/cve/CVE-2011-3654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3654"
},
{
"cve": "CVE-2011-3655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3655"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3655",
"url": "https://www.suse.com/security/cve/CVE-2011-3655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3655"
},
{
"cve": "CVE-2011-3658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3658"
}
],
"notes": [
{
"category": "general",
"text": "The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3658",
"url": "https://www.suse.com/security/cve/CVE-2011-3658"
},
{
"category": "external",
"summary": "SUSE Bug 737533 for CVE-2011-3658",
"url": "https://bugzilla.suse.com/737533"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2011-3658",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2011-3658",
"url": "https://bugzilla.suse.com/750044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-3658"
},
{
"cve": "CVE-2011-3659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3659"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3659",
"url": "https://www.suse.com/security/cve/CVE-2011-3659"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2011-3659",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3659"
},
{
"cve": "CVE-2011-3660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3660"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3660",
"url": "https://www.suse.com/security/cve/CVE-2011-3660"
},
{
"category": "external",
"summary": "SUSE Bug 737533 for CVE-2011-3660",
"url": "https://bugzilla.suse.com/737533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3660"
},
{
"cve": "CVE-2011-3661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3661"
}
],
"notes": [
{
"category": "general",
"text": "YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3661",
"url": "https://www.suse.com/security/cve/CVE-2011-3661"
},
{
"category": "external",
"summary": "SUSE Bug 737533 for CVE-2011-3661",
"url": "https://bugzilla.suse.com/737533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-3661"
},
{
"cve": "CVE-2011-3663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3663"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3663",
"url": "https://www.suse.com/security/cve/CVE-2011-3663"
},
{
"category": "external",
"summary": "SUSE Bug 737533 for CVE-2011-3663",
"url": "https://bugzilla.suse.com/737533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3663"
},
{
"cve": "CVE-2012-0441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0441"
}
],
"notes": [
{
"category": "general",
"text": "The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0441",
"url": "https://www.suse.com/security/cve/CVE-2012-0441"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-0441",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0441"
},
{
"cve": "CVE-2012-0442",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0442"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0442",
"url": "https://www.suse.com/security/cve/CVE-2012-0442"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0442",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0442"
},
{
"cve": "CVE-2012-0443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0443"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0443",
"url": "https://www.suse.com/security/cve/CVE-2012-0443"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0443",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0443"
},
{
"cve": "CVE-2012-0444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0444"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0444",
"url": "https://www.suse.com/security/cve/CVE-2012-0444"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0444",
"url": "https://bugzilla.suse.com/744275"
},
{
"category": "external",
"summary": "SUSE Bug 747912 for CVE-2012-0444",
"url": "https://bugzilla.suse.com/747912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0444"
},
{
"cve": "CVE-2012-0445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0445"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame\u0027s name attribute.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0445",
"url": "https://www.suse.com/security/cve/CVE-2012-0445"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0445",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0445"
},
{
"cve": "CVE-2012-0446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0446"
}
],
"notes": [
{
"category": "general",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0446",
"url": "https://www.suse.com/security/cve/CVE-2012-0446"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0446",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0446"
},
{
"cve": "CVE-2012-0447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0447"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG image that was created through conversion from an ICO image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0447",
"url": "https://www.suse.com/security/cve/CVE-2012-0447"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0447",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0447"
},
{
"cve": "CVE-2012-0449",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0449"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0449",
"url": "https://www.suse.com/security/cve/CVE-2012-0449"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0449",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0449"
},
{
"cve": "CVE-2012-0451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0451"
}
],
"notes": [
{
"category": "general",
"text": "CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote web servers to bypass intended Content Security Policy (CSP) restrictions and possibly conduct cross-site scripting (XSS) attacks via crafted HTTP headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0451",
"url": "https://www.suse.com/security/cve/CVE-2012-0451"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0451",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0451",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0451",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0451"
},
{
"cve": "CVE-2012-0452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0452"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector\u0027s access to a hash table containing a stale XBL binding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0452",
"url": "https://www.suse.com/security/cve/CVE-2012-0452"
},
{
"category": "external",
"summary": "SUSE Bug 746616 for CVE-2012-0452",
"url": "https://bugzilla.suse.com/746616"
},
{
"category": "external",
"summary": "SUSE Bug 746663 for CVE-2012-0452",
"url": "https://bugzilla.suse.com/746663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0452"
},
{
"cve": "CVE-2012-0455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0455"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a \"DragAndDropJacking\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0455",
"url": "https://www.suse.com/security/cve/CVE-2012-0455"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0455",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0455",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0455",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0455"
},
{
"cve": "CVE-2012-0456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0456"
}
],
"notes": [
{
"category": "general",
"text": "The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0456",
"url": "https://www.suse.com/security/cve/CVE-2012-0456"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0456",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0456",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0456",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0456"
},
{
"cve": "CVE-2012-0457",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0457"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to execute arbitrary code via an SVG animation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0457",
"url": "https://www.suse.com/security/cve/CVE-2012-0457"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0457",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0457",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0457",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0457"
},
{
"cve": "CVE-2012-0458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0458"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page through the dragging of a URL to the home button, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a javascript: URL that is later interpreted in the about:sessionrestore context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0458",
"url": "https://www.suse.com/security/cve/CVE-2012-0458"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0458",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0458",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0458",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0458"
},
{
"cve": "CVE-2012-0459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0459"
}
],
"notes": [
{
"category": "general",
"text": "The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via dynamic modification of a keyframe followed by access to the cssText of the keyframe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0459",
"url": "https://www.suse.com/security/cve/CVE-2012-0459"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0459",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0459",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0459",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0459"
},
{
"cve": "CVE-2012-0460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0460"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote attackers to spoof the user interface via a crafted web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0460",
"url": "https://www.suse.com/security/cve/CVE-2012-0460"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0460",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0460",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0460",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0460"
},
{
"cve": "CVE-2012-0461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0461"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0461",
"url": "https://www.suse.com/security/cve/CVE-2012-0461"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0461",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0461",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0461",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0461"
},
{
"cve": "CVE-2012-0462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0462"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0462",
"url": "https://www.suse.com/security/cve/CVE-2012-0462"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0462",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0462",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0462",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0462"
},
{
"cve": "CVE-2012-0463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0463"
}
],
"notes": [
{
"category": "general",
"text": "The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 does not check the validity of an instance after event dispatching, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, as demonstrated by Mobile Firefox on Android.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0463",
"url": "https://www.suse.com/security/cve/CVE-2012-0463"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0463",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0463",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0463",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0463"
},
{
"cve": "CVE-2012-0464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0464"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code via vectors involving an empty argument to the array.join function in conjunction with the triggering of garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0464",
"url": "https://www.suse.com/security/cve/CVE-2012-0464"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0464",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0464",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0464",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0464"
},
{
"cve": "CVE-2012-0467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0467"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0467",
"url": "https://www.suse.com/security/cve/CVE-2012-0467"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0467",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0467"
},
{
"cve": "CVE-2012-0468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0468"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0468",
"url": "https://www.suse.com/security/cve/CVE-2012-0468"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0468",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0468"
},
{
"cve": "CVE-2012-0469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0469"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to execute arbitrary code via vectors related to crafted IndexedDB data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0469",
"url": "https://www.suse.com/security/cve/CVE-2012-0469"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0469",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0469"
},
{
"cve": "CVE-2012-0470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0470"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of \"different number systems.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0470",
"url": "https://www.suse.com/security/cve/CVE-2012-0470"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0470",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0470"
},
{
"cve": "CVE-2012-0471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0471"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0471",
"url": "https://www.suse.com/security/cve/CVE-2012-0471"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0471",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0471"
},
{
"cve": "CVE-2012-0472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0472"
}
],
"notes": [
{
"category": "general",
"text": "The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-rendering attempts, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0472",
"url": "https://www.suse.com/security/cve/CVE-2012-0472"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0472",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0472"
},
{
"cve": "CVE-2012-0473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0473"
}
],
"notes": [
{
"category": "general",
"text": "The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0473",
"url": "https://www.suse.com/security/cve/CVE-2012-0473"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0473",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0473"
},
{
"cve": "CVE-2012-0474",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0474"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka \"Universal XSS (UXSS).\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0474",
"url": "https://www.suse.com/security/cve/CVE-2012-0474"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0474",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0474"
},
{
"cve": "CVE-2012-0475",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0475"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involving a nonstandard port number and an IPv6 address that contains certain zero fields.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0475",
"url": "https://www.suse.com/security/cve/CVE-2012-0475"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0475",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0475"
},
{
"cve": "CVE-2012-0477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0477"
}
],
"notes": [
{
"category": "general",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ISO-2022-KR or (2) ISO-2022-CN character set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0477",
"url": "https://www.suse.com/security/cve/CVE-2012-0477"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0477",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0477"
},
{
"cve": "CVE-2012-0478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0478"
}
],
"notes": [
{
"category": "general",
"text": "The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0478",
"url": "https://www.suse.com/security/cve/CVE-2012-0478"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0478",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0478"
},
{
"cve": "CVE-2012-0479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0479"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0479",
"url": "https://www.suse.com/security/cve/CVE-2012-0479"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0479",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0479"
},
{
"cve": "CVE-2012-0759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0759"
}
],
"notes": [
{
"category": "general",
"text": "Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0771.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0759",
"url": "https://www.suse.com/security/cve/CVE-2012-0759"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2012-0759",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0759"
},
{
"cve": "CVE-2012-1937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1937"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1937",
"url": "https://www.suse.com/security/cve/CVE-2012-1937"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1937",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1937"
},
{
"cve": "CVE-2012-1938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1938"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1938",
"url": "https://www.suse.com/security/cve/CVE-2012-1938"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1938",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1938"
},
{
"cve": "CVE-2012-1940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1940"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1940",
"url": "https://www.suse.com/security/cve/CVE-2012-1940"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1940",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1940"
},
{
"cve": "CVE-2012-1941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1941"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1941",
"url": "https://www.suse.com/security/cve/CVE-2012-1941"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1941",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1941"
},
{
"cve": "CVE-2012-1944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1944"
}
],
"notes": [
{
"category": "general",
"text": "The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1944",
"url": "https://www.suse.com/security/cve/CVE-2012-1944"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1944",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1944"
},
{
"cve": "CVE-2012-1945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1945"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1945",
"url": "https://www.suse.com/security/cve/CVE-2012-1945"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1945",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1945"
},
{
"cve": "CVE-2012-1946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1946"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1946",
"url": "https://www.suse.com/security/cve/CVE-2012-1946"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1946",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1946"
},
{
"cve": "CVE-2012-1947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1947"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1947",
"url": "https://www.suse.com/security/cve/CVE-2012-1947"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1947",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1947"
},
{
"cve": "CVE-2012-1948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1948"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1948",
"url": "https://www.suse.com/security/cve/CVE-2012-1948"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1948",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1948"
},
{
"cve": "CVE-2012-1949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1949"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1949",
"url": "https://www.suse.com/security/cve/CVE-2012-1949"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1949",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1949"
},
{
"cve": "CVE-2012-1951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1951"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1951",
"url": "https://www.suse.com/security/cve/CVE-2012-1951"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1951",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1951"
},
{
"cve": "CVE-2012-1952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1952"
}
],
"notes": [
{
"category": "general",
"text": "The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1952",
"url": "https://www.suse.com/security/cve/CVE-2012-1952"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1952",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1952"
},
{
"cve": "CVE-2012-1953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1953"
}
],
"notes": [
{
"category": "general",
"text": "The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1953",
"url": "https://www.suse.com/security/cve/CVE-2012-1953"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1953",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1953"
},
{
"cve": "CVE-2012-1954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1954"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1954",
"url": "https://www.suse.com/security/cve/CVE-2012-1954"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1954",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1954"
},
{
"cve": "CVE-2012-1955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1955"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1955",
"url": "https://www.suse.com/security/cve/CVE-2012-1955"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1955",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1955"
},
{
"cve": "CVE-2012-1956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1956"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1956",
"url": "https://www.suse.com/security/cve/CVE-2012-1956"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1956",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1956"
},
{
"cve": "CVE-2012-1957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1957"
}
],
"notes": [
{
"category": "general",
"text": "An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1957",
"url": "https://www.suse.com/security/cve/CVE-2012-1957"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1957",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1957"
},
{
"cve": "CVE-2012-1958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1958"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1958",
"url": "https://www.suse.com/security/cve/CVE-2012-1958"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1958",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1958"
},
{
"cve": "CVE-2012-1959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1959"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-compartment wrapping of objects, which allows remote attackers to bypass intended XBL access restrictions via crafted content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1959",
"url": "https://www.suse.com/security/cve/CVE-2012-1959"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1959",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1959"
},
{
"cve": "CVE-2012-1960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1960"
}
],
"notes": [
{
"category": "general",
"text": "The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1960",
"url": "https://www.suse.com/security/cve/CVE-2012-1960"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1960",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1960"
},
{
"cve": "CVE-2012-1961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1961"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1961",
"url": "https://www.suse.com/security/cve/CVE-2012-1961"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1961",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1961"
},
{
"cve": "CVE-2012-1962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1962"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1962",
"url": "https://www.suse.com/security/cve/CVE-2012-1962"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1962",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1962"
},
{
"cve": "CVE-2012-1963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1963"
}
],
"notes": [
{
"category": "general",
"text": "The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1963",
"url": "https://www.suse.com/security/cve/CVE-2012-1963"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1963",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1963"
},
{
"cve": "CVE-2012-1967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1967"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1967",
"url": "https://www.suse.com/security/cve/CVE-2012-1967"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1967",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1967"
},
{
"cve": "CVE-2012-1970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1970"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1970",
"url": "https://www.suse.com/security/cve/CVE-2012-1970"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1970",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1970"
},
{
"cve": "CVE-2012-1972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1972"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1972",
"url": "https://www.suse.com/security/cve/CVE-2012-1972"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1972",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1972"
},
{
"cve": "CVE-2012-1973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1973"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1973",
"url": "https://www.suse.com/security/cve/CVE-2012-1973"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1973",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1973"
},
{
"cve": "CVE-2012-1974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1974"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1974",
"url": "https://www.suse.com/security/cve/CVE-2012-1974"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1974",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1974"
},
{
"cve": "CVE-2012-1975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1975"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1975",
"url": "https://www.suse.com/security/cve/CVE-2012-1975"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1975",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1975"
},
{
"cve": "CVE-2012-1976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1976"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1976",
"url": "https://www.suse.com/security/cve/CVE-2012-1976"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1976",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1976"
},
{
"cve": "CVE-2012-3956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3956"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3956",
"url": "https://www.suse.com/security/cve/CVE-2012-3956"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3956",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3956"
},
{
"cve": "CVE-2012-3957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3957"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3957",
"url": "https://www.suse.com/security/cve/CVE-2012-3957"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3957",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3957"
},
{
"cve": "CVE-2012-3958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3958"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLEditRules::DeleteNonTableElements function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3958",
"url": "https://www.suse.com/security/cve/CVE-2012-3958"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3958",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3958"
},
{
"cve": "CVE-2012-3959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3959"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3959",
"url": "https://www.suse.com/security/cve/CVE-2012-3959"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3959",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3959"
},
{
"cve": "CVE-2012-3960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3960"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3960",
"url": "https://www.suse.com/security/cve/CVE-2012-3960"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3960",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3960"
},
{
"cve": "CVE-2012-3961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3961"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3961",
"url": "https://www.suse.com/security/cve/CVE-2012-3961"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3961",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3961"
},
{
"cve": "CVE-2012-3962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3962"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute arbitrary code via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3962",
"url": "https://www.suse.com/security/cve/CVE-2012-3962"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3962",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3962"
},
{
"cve": "CVE-2012-3963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3963"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3963",
"url": "https://www.suse.com/security/cve/CVE-2012-3963"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3963",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3963"
},
{
"cve": "CVE-2012-3964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3964"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the gfxTextRun::GetUserData function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3964",
"url": "https://www.suse.com/security/cve/CVE-2012-3964"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3964",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3964"
},
{
"cve": "CVE-2012-3966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3966"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a negative height value in a BMP image within a .ICO file, related to (1) improper handling of the transparency bitmask by the nsICODecoder component and (2) improper processing of the alpha channel by the nsBMPDecoder component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3966",
"url": "https://www.suse.com/security/cve/CVE-2012-3966"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3966",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3966"
},
{
"cve": "CVE-2012-3967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3967"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3967",
"url": "https://www.suse.com/security/cve/CVE-2012-3967"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3967",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3967"
},
{
"cve": "CVE-2012-3968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3968"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a fragment shader by its accessor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3968",
"url": "https://www.suse.com/security/cve/CVE-2012-3968"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3968",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3968"
},
{
"cve": "CVE-2012-3969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3969"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via a crafted SVG filter that triggers an incorrect sum calculation, leading to a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3969",
"url": "https://www.suse.com/security/cve/CVE-2012-3969"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3969",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3969"
},
{
"cve": "CVE-2012-3970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3970"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving movement of a requiredFeatures attribute from one SVG document to another.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3970",
"url": "https://www.suse.com/security/cve/CVE-2012-3970"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3970",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3970"
},
{
"cve": "CVE-2012-3971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3971"
}
],
"notes": [
{
"category": "general",
"text": "Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3971",
"url": "https://www.suse.com/security/cve/CVE-2012-3971"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3971",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3971"
},
{
"cve": "CVE-2012-3972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3972"
}
],
"notes": [
{
"category": "general",
"text": "The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3972",
"url": "https://www.suse.com/security/cve/CVE-2012-3972"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3972",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3972"
},
{
"cve": "CVE-2012-3975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3975"
}
],
"notes": [
{
"category": "general",
"text": "The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 loads subresources during parsing of text/html data within an extension, which allows remote attackers to obtain sensitive information by providing crafted data to privileged extension code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3975",
"url": "https://www.suse.com/security/cve/CVE-2012-3975"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3975",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3975"
},
{
"cve": "CVE-2012-3976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3976"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3976",
"url": "https://www.suse.com/security/cve/CVE-2012-3976"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3976",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3976"
},
{
"cve": "CVE-2012-3978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3978"
}
],
"notes": [
{
"category": "general",
"text": "The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location object, which allows remote attackers to bypass intended content-loading restrictions or possibly have unspecified other impact via vectors involving chrome code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3978",
"url": "https://www.suse.com/security/cve/CVE-2012-3978"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3978",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3978"
},
{
"cve": "CVE-2012-3982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3982"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3982",
"url": "https://www.suse.com/security/cve/CVE-2012-3982"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3982",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3982"
},
{
"cve": "CVE-2012-3983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3983"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3983",
"url": "https://www.suse.com/security/cve/CVE-2012-3983"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3983",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3983"
},
{
"cve": "CVE-2012-3984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3984"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element\u0027s menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3984",
"url": "https://www.suse.com/security/cve/CVE-2012-3984"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3984",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3984"
},
{
"cve": "CVE-2012-3985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3985"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly implement the HTML5 Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging initial-origin access after document.domain has been set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3985",
"url": "https://www.suse.com/security/cve/CVE-2012-3985"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3985",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3985"
},
{
"cve": "CVE-2012-3986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3986"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3986",
"url": "https://www.suse.com/security/cve/CVE-2012-3986"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3986",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3986"
},
{
"cve": "CVE-2012-3988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3988"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScreen to enter full-screen mode, and use of the history.back method for backwards history navigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3988",
"url": "https://www.suse.com/security/cve/CVE-2012-3988"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3988",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3988"
},
{
"cve": "CVE-2012-3989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3989"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly perform a cast of an unspecified variable during use of the instanceof operator on a JavaScript object, which allows remote attackers to execute arbitrary code or cause a denial of service (assertion failure) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3989",
"url": "https://www.suse.com/security/cve/CVE-2012-3989"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3989",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3989"
},
{
"cve": "CVE-2012-3990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3990"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors, related to the nsIContent::GetNameSpaceID function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3990",
"url": "https://www.suse.com/security/cve/CVE-2012-3990"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3990",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3990"
},
{
"cve": "CVE-2012-3991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3991"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to bypass the Same Origin Policy and possibly have unspecified other impact via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3991",
"url": "https://www.suse.com/security/cve/CVE-2012-3991"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3991",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3991"
},
{
"cve": "CVE-2012-3992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3992"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive POST content via vectors involving a location.hash write operation and history navigation that triggers the loading of a URL into the history object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3992",
"url": "https://www.suse.com/security/cve/CVE-2012-3992"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3992",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3992"
},
{
"cve": "CVE-2012-3993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3993"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site, related to an \"XrayWrapper pollution\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3993",
"url": "https://www.suse.com/security/cve/CVE-2012-3993"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3993",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3993"
},
{
"cve": "CVE-2012-3994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3994"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3994",
"url": "https://www.suse.com/security/cve/CVE-2012-3994"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3994",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3994"
},
{
"cve": "CVE-2012-3995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3995"
}
],
"notes": [
{
"category": "general",
"text": "The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3995",
"url": "https://www.suse.com/security/cve/CVE-2012-3995"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3995",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3995"
},
{
"cve": "CVE-2012-4179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4179"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4179",
"url": "https://www.suse.com/security/cve/CVE-2012-4179"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4179",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4179"
},
{
"cve": "CVE-2012-4180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4180"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4180",
"url": "https://www.suse.com/security/cve/CVE-2012-4180"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4180",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4180"
},
{
"cve": "CVE-2012-4181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4181"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsSMILAnimationController::DoSample function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4181",
"url": "https://www.suse.com/security/cve/CVE-2012-4181"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4181",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4181"
},
{
"cve": "CVE-2012-4182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4182"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4182",
"url": "https://www.suse.com/security/cve/CVE-2012-4182"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4182",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4182"
},
{
"cve": "CVE-2012-4183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4183"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4183",
"url": "https://www.suse.com/security/cve/CVE-2012-4183"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4183",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4183"
},
{
"cve": "CVE-2012-4184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4184"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4184",
"url": "https://www.suse.com/security/cve/CVE-2012-4184"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4184",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4184"
},
{
"cve": "CVE-2012-4185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4185"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4185",
"url": "https://www.suse.com/security/cve/CVE-2012-4185"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4185",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4185"
},
{
"cve": "CVE-2012-4186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4186"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4186",
"url": "https://www.suse.com/security/cve/CVE-2012-4186"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4186",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4186"
},
{
"cve": "CVE-2012-4187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4187"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4187",
"url": "https://www.suse.com/security/cve/CVE-2012-4187"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4187",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4187"
},
{
"cve": "CVE-2012-4188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4188"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4188",
"url": "https://www.suse.com/security/cve/CVE-2012-4188"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4188",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4188"
},
{
"cve": "CVE-2012-4191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4191"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::net::FailDelayManager::Lookup function in the WebSockets implementation in Mozilla Firefox before 16.0.1, Thunderbird before 16.0.1, and SeaMonkey before 2.13.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4191",
"url": "https://www.suse.com/security/cve/CVE-2012-4191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4191"
},
{
"cve": "CVE-2012-4192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4192"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow remote attackers to bypass the Same Origin Policy and read the properties of a Location object via a crafted web site, a related issue to CVE-2012-4193.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4192",
"url": "https://www.suse.com/security/cve/CVE-2012-4192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4192"
},
{
"cve": "CVE-2012-4193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4193"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4193",
"url": "https://www.suse.com/security/cve/CVE-2012-4193"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4193",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4193"
},
{
"cve": "CVE-2012-4194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4194"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4194",
"url": "https://www.suse.com/security/cve/CVE-2012-4194"
},
{
"category": "external",
"summary": "SUSE Bug 786522 for CVE-2012-4194",
"url": "https://bugzilla.suse.com/786522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4194"
},
{
"cve": "CVE-2012-4195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4195"
}
],
"notes": [
{
"category": "general",
"text": "The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4195",
"url": "https://www.suse.com/security/cve/CVE-2012-4195"
},
{
"category": "external",
"summary": "SUSE Bug 786522 for CVE-2012-4195",
"url": "https://bugzilla.suse.com/786522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4195"
},
{
"cve": "CVE-2012-4196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4196"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4196",
"url": "https://www.suse.com/security/cve/CVE-2012-4196"
},
{
"category": "external",
"summary": "SUSE Bug 786522 for CVE-2012-4196",
"url": "https://bugzilla.suse.com/786522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4196"
},
{
"cve": "CVE-2012-4201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4201"
}
],
"notes": [
{
"category": "general",
"text": "The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4201",
"url": "https://www.suse.com/security/cve/CVE-2012-4201"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4201",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4201"
},
{
"cve": "CVE-2012-4202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4202"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4202",
"url": "https://www.suse.com/security/cve/CVE-2012-4202"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4202",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4202"
},
{
"cve": "CVE-2012-4204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4204"
}
],
"notes": [
{
"category": "general",
"text": "The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4204",
"url": "https://www.suse.com/security/cve/CVE-2012-4204"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4204",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4204"
},
{
"cve": "CVE-2012-4205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4205"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks or obtain sensitive information by leveraging a sandboxed add-on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4205",
"url": "https://www.suse.com/security/cve/CVE-2012-4205"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4205",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4205"
},
{
"cve": "CVE-2012-4207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4207"
}
],
"notes": [
{
"category": "general",
"text": "The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4207",
"url": "https://www.suse.com/security/cve/CVE-2012-4207"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4207",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4207"
},
{
"cve": "CVE-2012-4208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4208"
}
],
"notes": [
{
"category": "general",
"text": "The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4208",
"url": "https://www.suse.com/security/cve/CVE-2012-4208"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4208",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4208"
},
{
"cve": "CVE-2012-4209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4209"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a \"top\" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4209",
"url": "https://www.suse.com/security/cve/CVE-2012-4209"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4209",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4209"
},
{
"cve": "CVE-2012-4212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4212"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4212",
"url": "https://www.suse.com/security/cve/CVE-2012-4212"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4212",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4212"
},
{
"cve": "CVE-2012-4213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4213"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4213",
"url": "https://www.suse.com/security/cve/CVE-2012-4213"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4213",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4213"
},
{
"cve": "CVE-2012-4214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4214"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4214",
"url": "https://www.suse.com/security/cve/CVE-2012-4214"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4214",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4214"
},
{
"cve": "CVE-2012-4215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4215"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4215",
"url": "https://www.suse.com/security/cve/CVE-2012-4215"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4215",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4215"
},
{
"cve": "CVE-2012-4216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4216"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4216",
"url": "https://www.suse.com/security/cve/CVE-2012-4216"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4216",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4216"
},
{
"cve": "CVE-2012-4217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4217"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4217",
"url": "https://www.suse.com/security/cve/CVE-2012-4217"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4217",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4217"
},
{
"cve": "CVE-2012-4218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4218"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4218",
"url": "https://www.suse.com/security/cve/CVE-2012-4218"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4218",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4218"
},
{
"cve": "CVE-2012-5829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5829"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5829",
"url": "https://www.suse.com/security/cve/CVE-2012-5829"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5829",
"url": "https://bugzilla.suse.com/790140"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2012-5829",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5829"
},
{
"cve": "CVE-2012-5830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5830"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5830",
"url": "https://www.suse.com/security/cve/CVE-2012-5830"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5830",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-5830"
},
{
"cve": "CVE-2012-5833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5833"
}
],
"notes": [
{
"category": "general",
"text": "The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5833",
"url": "https://www.suse.com/security/cve/CVE-2012-5833"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5833",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5833"
},
{
"cve": "CVE-2012-5835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5835"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5835",
"url": "https://www.suse.com/security/cve/CVE-2012-5835"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5835",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5835"
},
{
"cve": "CVE-2012-5836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5836"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5836",
"url": "https://www.suse.com/security/cve/CVE-2012-5836"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5836",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-5836"
},
{
"cve": "CVE-2012-5838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5838"
}
],
"notes": [
{
"category": "general",
"text": "The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via large image dimensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5838",
"url": "https://www.suse.com/security/cve/CVE-2012-5838"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5838",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5838"
},
{
"cve": "CVE-2012-5839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5839"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5839",
"url": "https://www.suse.com/security/cve/CVE-2012-5839"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5839",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5839"
},
{
"cve": "CVE-2012-5840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5840"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5840",
"url": "https://www.suse.com/security/cve/CVE-2012-5840"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5840",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5840"
},
{
"cve": "CVE-2012-5841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5841"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5841",
"url": "https://www.suse.com/security/cve/CVE-2012-5841"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5841",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-5841"
},
{
"cve": "CVE-2012-5842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5842"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5842",
"url": "https://www.suse.com/security/cve/CVE-2012-5842"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5842",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5842"
},
{
"cve": "CVE-2012-5843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5843"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5843",
"url": "https://www.suse.com/security/cve/CVE-2012-5843"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5843",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5843"
},
{
"cve": "CVE-2013-0743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0743"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA at the suggestion of the CVE project team. The candidate had been associated with a correct report of a security problem, but not a problem that is categorized as a vulnerability within CVE. Compromised or unauthorized SSL certificates are not within CVE\u0027s scope. Notes: none.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0743",
"url": "https://www.suse.com/security/cve/CVE-2013-0743"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0743",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0743"
},
{
"cve": "CVE-2013-0744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0744"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0744",
"url": "https://www.suse.com/security/cve/CVE-2013-0744"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0744",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0744"
},
{
"cve": "CVE-2013-0745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0745"
}
],
"notes": [
{
"category": "general",
"text": "The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0745",
"url": "https://www.suse.com/security/cve/CVE-2013-0745"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0745",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0745"
},
{
"cve": "CVE-2013-0746",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0746"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0746",
"url": "https://www.suse.com/security/cve/CVE-2013-0746"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0746",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0746"
},
{
"cve": "CVE-2013-0747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0747"
}
],
"notes": [
{
"category": "general",
"text": "The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0747",
"url": "https://www.suse.com/security/cve/CVE-2013-0747"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0747",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0747"
},
{
"cve": "CVE-2013-0748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0748"
}
],
"notes": [
{
"category": "general",
"text": "The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0748",
"url": "https://www.suse.com/security/cve/CVE-2013-0748"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0748",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0748"
},
{
"cve": "CVE-2013-0749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0749"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0749",
"url": "https://www.suse.com/security/cve/CVE-2013-0749"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0749",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0749"
},
{
"cve": "CVE-2013-0750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0750"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0750",
"url": "https://www.suse.com/security/cve/CVE-2013-0750"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0750",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0750"
},
{
"cve": "CVE-2013-0751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0751"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0751",
"url": "https://www.suse.com/security/cve/CVE-2013-0751"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0751",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0751"
},
{
"cve": "CVE-2013-0752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0752"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0752",
"url": "https://www.suse.com/security/cve/CVE-2013-0752"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0752",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0752"
},
{
"cve": "CVE-2013-0753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0753"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0753",
"url": "https://www.suse.com/security/cve/CVE-2013-0753"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0753",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0753"
},
{
"cve": "CVE-2013-0754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0754"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0754",
"url": "https://www.suse.com/security/cve/CVE-2013-0754"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0754",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0754"
},
{
"cve": "CVE-2013-0755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0755"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0755",
"url": "https://www.suse.com/security/cve/CVE-2013-0755"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0755",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0755"
},
{
"cve": "CVE-2013-0756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0756"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0756",
"url": "https://www.suse.com/security/cve/CVE-2013-0756"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0756",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0756"
},
{
"cve": "CVE-2013-0757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0757"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0757",
"url": "https://www.suse.com/security/cve/CVE-2013-0757"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0757",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0757"
},
{
"cve": "CVE-2013-0758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0758"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0758",
"url": "https://www.suse.com/security/cve/CVE-2013-0758"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0758",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0758"
},
{
"cve": "CVE-2013-0760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0760"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0760",
"url": "https://www.suse.com/security/cve/CVE-2013-0760"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0760",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0760"
},
{
"cve": "CVE-2013-0761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0761"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0761",
"url": "https://www.suse.com/security/cve/CVE-2013-0761"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0761",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0761"
},
{
"cve": "CVE-2013-0762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0762"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0762",
"url": "https://www.suse.com/security/cve/CVE-2013-0762"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0762",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0762"
},
{
"cve": "CVE-2013-0763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0763"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0763",
"url": "https://www.suse.com/security/cve/CVE-2013-0763"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0763",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0763"
},
{
"cve": "CVE-2013-0764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0764"
}
],
"notes": [
{
"category": "general",
"text": "The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0764",
"url": "https://www.suse.com/security/cve/CVE-2013-0764"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0764",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0764"
},
{
"cve": "CVE-2013-0765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0765"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0765",
"url": "https://www.suse.com/security/cve/CVE-2013-0765"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0765",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0765"
},
{
"cve": "CVE-2013-0766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0766"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0766",
"url": "https://www.suse.com/security/cve/CVE-2013-0766"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0766",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0766"
},
{
"cve": "CVE-2013-0767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0767"
}
],
"notes": [
{
"category": "general",
"text": "The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0767",
"url": "https://www.suse.com/security/cve/CVE-2013-0767"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0767",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0767"
},
{
"cve": "CVE-2013-0768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0768"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0768",
"url": "https://www.suse.com/security/cve/CVE-2013-0768"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0768",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0768"
},
{
"cve": "CVE-2013-0769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0769"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0769",
"url": "https://www.suse.com/security/cve/CVE-2013-0769"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0769",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0769"
},
{
"cve": "CVE-2013-0770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0770"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0770",
"url": "https://www.suse.com/security/cve/CVE-2013-0770"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0770",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0770"
},
{
"cve": "CVE-2013-0771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0771"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0771",
"url": "https://www.suse.com/security/cve/CVE-2013-0771"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0771",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0771"
},
{
"cve": "CVE-2013-0772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0772"
}
],
"notes": [
{
"category": "general",
"text": "The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0772",
"url": "https://www.suse.com/security/cve/CVE-2013-0772"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0772",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0772"
},
{
"cve": "CVE-2013-0773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0773"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0773",
"url": "https://www.suse.com/security/cve/CVE-2013-0773"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0773",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0773"
},
{
"cve": "CVE-2013-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0774"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0774",
"url": "https://www.suse.com/security/cve/CVE-2013-0774"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0774",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0774"
},
{
"cve": "CVE-2013-0775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0775"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0775",
"url": "https://www.suse.com/security/cve/CVE-2013-0775"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0775",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0775"
},
{
"cve": "CVE-2013-0776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0776"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0776",
"url": "https://www.suse.com/security/cve/CVE-2013-0776"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0776",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0776"
},
{
"cve": "CVE-2013-0777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0777"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0777",
"url": "https://www.suse.com/security/cve/CVE-2013-0777"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0777",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0777"
},
{
"cve": "CVE-2013-0778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0778"
}
],
"notes": [
{
"category": "general",
"text": "The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0778",
"url": "https://www.suse.com/security/cve/CVE-2013-0778"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0778",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0778"
},
{
"cve": "CVE-2013-0779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0779"
}
],
"notes": [
{
"category": "general",
"text": "The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0779",
"url": "https://www.suse.com/security/cve/CVE-2013-0779"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0779",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0779"
},
{
"cve": "CVE-2013-0780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0780"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0780",
"url": "https://www.suse.com/security/cve/CVE-2013-0780"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0780",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0780"
},
{
"cve": "CVE-2013-0781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0781"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0781",
"url": "https://www.suse.com/security/cve/CVE-2013-0781"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0781",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0781"
},
{
"cve": "CVE-2013-0782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0782"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0782",
"url": "https://www.suse.com/security/cve/CVE-2013-0782"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0782",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0782"
},
{
"cve": "CVE-2013-0783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0783"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0783",
"url": "https://www.suse.com/security/cve/CVE-2013-0783"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0783",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0783"
},
{
"cve": "CVE-2013-0787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0787"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0787",
"url": "https://www.suse.com/security/cve/CVE-2013-0787"
},
{
"category": "external",
"summary": "SUSE Bug 808243 for CVE-2013-0787",
"url": "https://bugzilla.suse.com/808243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0787"
},
{
"cve": "CVE-2013-0788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0788"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0788",
"url": "https://www.suse.com/security/cve/CVE-2013-0788"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0788",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0788",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0788"
},
{
"cve": "CVE-2013-0789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0789"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0789",
"url": "https://www.suse.com/security/cve/CVE-2013-0789"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0789",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0789",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0789"
},
{
"cve": "CVE-2013-0792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0792"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0792",
"url": "https://www.suse.com/security/cve/CVE-2013-0792"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0792",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0792",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0792"
},
{
"cve": "CVE-2013-0793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0793"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0793",
"url": "https://www.suse.com/security/cve/CVE-2013-0793"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0793",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0793"
},
{
"cve": "CVE-2013-0794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0794"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin spoofing of tab-modal dialogs, which allows remote attackers to conduct phishing attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0794",
"url": "https://www.suse.com/security/cve/CVE-2013-0794"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0794",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0794",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0794"
},
{
"cve": "CVE-2013-0795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0795"
}
],
"notes": [
{
"category": "general",
"text": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote attackers to bypass the Same Origin Policy or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0795",
"url": "https://www.suse.com/security/cve/CVE-2013-0795"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0795",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0795",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0795"
},
{
"cve": "CVE-2013-0796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0796"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0796",
"url": "https://www.suse.com/security/cve/CVE-2013-0796"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0796",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0796",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0796"
},
{
"cve": "CVE-2013-0800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0800"
}
],
"notes": [
{
"category": "general",
"text": "Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0800",
"url": "https://www.suse.com/security/cve/CVE-2013-0800"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0800",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0800",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0800"
},
{
"cve": "CVE-2013-1682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1682"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1682",
"url": "https://www.suse.com/security/cve/CVE-2013-1682"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1682",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1682"
},
{
"cve": "CVE-2013-1683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1683"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1683",
"url": "https://www.suse.com/security/cve/CVE-2013-1683"
},
{
"category": "external",
"summary": "SUSE Bug 1150035 for CVE-2013-1683",
"url": "https://bugzilla.suse.com/1150035"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1683",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1683"
},
{
"cve": "CVE-2013-1684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1684"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1684",
"url": "https://www.suse.com/security/cve/CVE-2013-1684"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1684",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1684"
},
{
"cve": "CVE-2013-1685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1685"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1685",
"url": "https://www.suse.com/security/cve/CVE-2013-1685"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1685",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1685"
},
{
"cve": "CVE-2013-1686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1686"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1686",
"url": "https://www.suse.com/security/cve/CVE-2013-1686"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1686",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1686"
},
{
"cve": "CVE-2013-1687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1687"
}
],
"notes": [
{
"category": "general",
"text": "The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined functions, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges, or conduct cross-site scripting (XSS) attacks, via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1687",
"url": "https://www.suse.com/security/cve/CVE-2013-1687"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1687",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1687"
},
{
"cve": "CVE-2013-1688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1688"
}
],
"notes": [
{
"category": "general",
"text": "The Profiler implementation in Mozilla Firefox before 22.0 parses untrusted data during UI rendering, which allows user-assisted remote attackers to execute arbitrary JavaScript code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1688",
"url": "https://www.suse.com/security/cve/CVE-2013-1688"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1688",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1688"
},
{
"cve": "CVE-2013-1690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1690"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1690",
"url": "https://www.suse.com/security/cve/CVE-2013-1690"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1690",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1690"
},
{
"cve": "CVE-2013-1692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1692"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1692",
"url": "https://www.suse.com/security/cve/CVE-2013-1692"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1692",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1692"
},
{
"cve": "CVE-2013-1693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1693"
}
],
"notes": [
{
"category": "general",
"text": "The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a different domain, by observing timing differences in execution of filter code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1693",
"url": "https://www.suse.com/security/cve/CVE-2013-1693"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1693",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1693"
},
{
"cve": "CVE-2013-1694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1694"
}
],
"notes": [
{
"category": "general",
"text": "The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache\u0027s preserved-wrapper flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1694",
"url": "https://www.suse.com/security/cve/CVE-2013-1694"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1694",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1694"
},
{
"cve": "CVE-2013-1695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1695"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 22.0 does not properly implement certain DocShell inheritance behavior for the sandbox attribute of an IFRAME element, which allows remote attackers to bypass intended access restrictions via a FRAME element within an IFRAME element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1695",
"url": "https://www.suse.com/security/cve/CVE-2013-1695"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1695",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1695"
},
{
"cve": "CVE-2013-1696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1696"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1696",
"url": "https://www.suse.com/security/cve/CVE-2013-1696"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1696",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1696"
},
{
"cve": "CVE-2013-1697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1697"
}
],
"notes": [
{
"category": "general",
"text": "The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1697",
"url": "https://www.suse.com/security/cve/CVE-2013-1697"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1697",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1697"
},
{
"cve": "CVE-2013-1698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1698"
}
],
"notes": [
{
"category": "general",
"text": "The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1698",
"url": "https://www.suse.com/security/cve/CVE-2013-1698"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1698",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1698"
},
{
"cve": "CVE-2013-1699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1699"
}
],
"notes": [
{
"category": "general",
"text": "The Internationalized Domain Name (IDN) display algorithm in Mozilla Firefox before 22.0 does not properly handle the .com, .name, and .net top-level domains, which allows remote attackers to spoof the address bar via unspecified homograph characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1699",
"url": "https://www.suse.com/security/cve/CVE-2013-1699"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1699",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1699"
},
{
"cve": "CVE-2013-1701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1701"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1701",
"url": "https://www.suse.com/security/cve/CVE-2013-1701"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1701",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1701"
},
{
"cve": "CVE-2013-1702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1702"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1702",
"url": "https://www.suse.com/security/cve/CVE-2013-1702"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1702",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1702"
},
{
"cve": "CVE-2013-1704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1704"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsINode::GetParentNode function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a DOM modification at the time of a SetBody mutation event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1704",
"url": "https://www.suse.com/security/cve/CVE-2013-1704"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1704",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1704"
},
{
"cve": "CVE-2013-1705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1705"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer underflow in the cryptojs_interpret_key_gen_type function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Certificate Request Message Format (CRMF) request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1705",
"url": "https://www.suse.com/security/cve/CVE-2013-1705"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1705",
"url": "https://bugzilla.suse.com/833389"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1705",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1705"
},
{
"cve": "CVE-2013-1708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1708"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::CharAt function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1708",
"url": "https://www.suse.com/security/cve/CVE-2013-1708"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1708",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1708"
},
{
"cve": "CVE-2013-1709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1709"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving spoofing a relative location in a previously visited document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1709",
"url": "https://www.suse.com/security/cve/CVE-2013-1709"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1709",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1709"
},
{
"cve": "CVE-2013-1710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1710"
}
],
"notes": [
{
"category": "general",
"text": "The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks via vectors related to Certificate Request Message Format (CRMF) request generation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1710",
"url": "https://www.suse.com/security/cve/CVE-2013-1710"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1710",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1710"
},
{
"cve": "CVE-2013-1711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1711"
}
],
"notes": [
{
"category": "general",
"text": "The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging access to an unprivileged object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1711",
"url": "https://www.suse.com/security/cve/CVE-2013-1711"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1711",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1711"
},
{
"cve": "CVE-2013-1713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1713"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks or install arbitrary add-ons via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1713",
"url": "https://www.suse.com/security/cve/CVE-2013-1713"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1713",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1713"
},
{
"cve": "CVE-2013-1714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1714"
}
],
"notes": [
{
"category": "general",
"text": "The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1714",
"url": "https://www.suse.com/security/cve/CVE-2013-1714"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1714",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1714"
},
{
"cve": "CVE-2013-1717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1717"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1717",
"url": "https://www.suse.com/security/cve/CVE-2013-1717"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1717",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1717"
},
{
"cve": "CVE-2013-1718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1718"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1718",
"url": "https://www.suse.com/security/cve/CVE-2013-1718"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1718",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1718"
},
{
"cve": "CVE-2013-1719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1719"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1719",
"url": "https://www.suse.com/security/cve/CVE-2013-1719"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1719",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1719"
},
{
"cve": "CVE-2013-1720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1720"
}
],
"notes": [
{
"category": "general",
"text": "The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1720",
"url": "https://www.suse.com/security/cve/CVE-2013-1720"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1720",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1720"
},
{
"cve": "CVE-2013-1721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1721"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote attackers to execute arbitrary code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1721",
"url": "https://www.suse.com/security/cve/CVE-2013-1721"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1721",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1721"
},
{
"cve": "CVE-2013-1722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1722"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1722",
"url": "https://www.suse.com/security/cve/CVE-2013-1722"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1722",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1722"
},
{
"cve": "CVE-2013-1723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1723"
}
],
"notes": [
{
"category": "general",
"text": "The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service (application crash) by leveraging incorrect event usage after widget-memory reallocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1723",
"url": "https://www.suse.com/security/cve/CVE-2013-1723"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1723",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1723"
},
{
"cve": "CVE-2013-1724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1724"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1724",
"url": "https://www.suse.com/security/cve/CVE-2013-1724"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1724",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1724"
},
{
"cve": "CVE-2013-1725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1725"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging incorrect scope handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1725",
"url": "https://www.suse.com/security/cve/CVE-2013-1725"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1725",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1725"
},
{
"cve": "CVE-2013-1728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1728"
}
],
"notes": [
{
"category": "general",
"text": "The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1728",
"url": "https://www.suse.com/security/cve/CVE-2013-1728"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1728",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1728"
},
{
"cve": "CVE-2013-1730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1730"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1730",
"url": "https://www.suse.com/security/cve/CVE-2013-1730"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1730",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1730"
},
{
"cve": "CVE-2013-1732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1732"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats within a multi-column layout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1732",
"url": "https://www.suse.com/security/cve/CVE-2013-1732"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1732",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1732"
},
{
"cve": "CVE-2013-1735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1735"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via vectors related to image-document scrolling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1735",
"url": "https://www.suse.com/security/cve/CVE-2013-1735"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1735",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1735"
},
{
"cve": "CVE-2013-1736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1736"
}
],
"notes": [
{
"category": "general",
"text": "The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to improperly establishing parent-child relationships of range-request nodes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1736",
"url": "https://www.suse.com/security/cve/CVE-2013-1736"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1736",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1736"
},
{
"cve": "CVE-2013-1737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1737"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the \"this\" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1737",
"url": "https://www.suse.com/security/cve/CVE-2013-1737"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1737",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1737"
},
{
"cve": "CVE-2013-1738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1738"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and frame-chain restoration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1738",
"url": "https://www.suse.com/security/cve/CVE-2013-1738"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1738",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1738"
},
{
"cve": "CVE-2013-5590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5590"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5590",
"url": "https://www.suse.com/security/cve/CVE-2013-5590"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5590",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5590"
},
{
"cve": "CVE-2013-5591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5591"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5591",
"url": "https://www.suse.com/security/cve/CVE-2013-5591"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5591",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5591"
},
{
"cve": "CVE-2013-5592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5592"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5592",
"url": "https://www.suse.com/security/cve/CVE-2013-5592"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5592",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5592"
},
{
"cve": "CVE-2013-5593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5593"
}
],
"notes": [
{
"category": "general",
"text": "The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5593",
"url": "https://www.suse.com/security/cve/CVE-2013-5593"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5593",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5593"
},
{
"cve": "CVE-2013-5595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5595"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5595",
"url": "https://www.suse.com/security/cve/CVE-2013-5595"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5595",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5595"
},
{
"cve": "CVE-2013-5596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5596"
}
],
"notes": [
{
"category": "general",
"text": "The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5596",
"url": "https://www.suse.com/security/cve/CVE-2013-5596"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5596",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5596"
},
{
"cve": "CVE-2013-5597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5597"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5597",
"url": "https://www.suse.com/security/cve/CVE-2013-5597"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5597",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5597"
},
{
"cve": "CVE-2013-5598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5598"
}
],
"notes": [
{
"category": "general",
"text": "PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5598",
"url": "https://www.suse.com/security/cve/CVE-2013-5598"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5598",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5598"
},
{
"cve": "CVE-2013-5599",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5599"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5599",
"url": "https://www.suse.com/security/cve/CVE-2013-5599"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5599",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5599"
},
{
"cve": "CVE-2013-5600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5600"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5600",
"url": "https://www.suse.com/security/cve/CVE-2013-5600"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5600",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5600"
},
{
"cve": "CVE-2013-5601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5601"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors related to a memory allocation through the garbage collection (GC) API.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5601",
"url": "https://www.suse.com/security/cve/CVE-2013-5601"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5601",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5601"
},
{
"cve": "CVE-2013-5602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5602"
}
],
"notes": [
{
"category": "general",
"text": "The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5602",
"url": "https://www.suse.com/security/cve/CVE-2013-5602"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5602",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5602"
},
{
"cve": "CVE-2013-5603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5603"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5603",
"url": "https://www.suse.com/security/cve/CVE-2013-5603"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5603",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5603"
},
{
"cve": "CVE-2013-5604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5604"
}
],
"notes": [
{
"category": "general",
"text": "The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5604",
"url": "https://www.suse.com/security/cve/CVE-2013-5604"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5604",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5604"
},
{
"cve": "CVE-2013-5609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5609"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5609",
"url": "https://www.suse.com/security/cve/CVE-2013-5609"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5609",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5609"
},
{
"cve": "CVE-2013-5610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5610"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5610",
"url": "https://www.suse.com/security/cve/CVE-2013-5610"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5610",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5610"
},
{
"cve": "CVE-2013-5611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5611"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5611",
"url": "https://www.suse.com/security/cve/CVE-2013-5611"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5611",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-5611"
},
{
"cve": "CVE-2013-5612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5612"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5612",
"url": "https://www.suse.com/security/cve/CVE-2013-5612"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5612",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-5612"
},
{
"cve": "CVE-2013-5613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5613"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5613",
"url": "https://www.suse.com/security/cve/CVE-2013-5613"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5613",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5613"
},
{
"cve": "CVE-2013-5614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5614"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5614",
"url": "https://www.suse.com/security/cve/CVE-2013-5614"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5614",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-5614"
},
{
"cve": "CVE-2013-5615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5615"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5615",
"url": "https://www.suse.com/security/cve/CVE-2013-5615"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5615",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5615"
},
{
"cve": "CVE-2013-5616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5616"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5616",
"url": "https://www.suse.com/security/cve/CVE-2013-5616"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5616",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5616"
},
{
"cve": "CVE-2013-5618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5618"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5618",
"url": "https://www.suse.com/security/cve/CVE-2013-5618"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5618",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5618"
},
{
"cve": "CVE-2013-5619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5619"
}
],
"notes": [
{
"category": "general",
"text": "Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5619",
"url": "https://www.suse.com/security/cve/CVE-2013-5619"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5619",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5619"
},
{
"cve": "CVE-2013-6629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6629"
}
],
"notes": [
{
"category": "general",
"text": "The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6629",
"url": "https://www.suse.com/security/cve/CVE-2013-6629"
},
{
"category": "external",
"summary": "SUSE Bug 850430 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/850430"
},
{
"category": "external",
"summary": "SUSE Bug 873872 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/873872"
},
{
"category": "external",
"summary": "SUSE Bug 873873 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/873873"
},
{
"category": "external",
"summary": "SUSE Bug 877429 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/877429"
},
{
"category": "external",
"summary": "SUSE Bug 877430 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/877430"
},
{
"category": "external",
"summary": "SUSE Bug 880246 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/880246"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6629"
},
{
"cve": "CVE-2013-6630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6630"
}
],
"notes": [
{
"category": "general",
"text": "The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6630",
"url": "https://www.suse.com/security/cve/CVE-2013-6630"
},
{
"category": "external",
"summary": "SUSE Bug 850430 for CVE-2013-6630",
"url": "https://bugzilla.suse.com/850430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6630"
},
{
"cve": "CVE-2013-6671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6671"
}
],
"notes": [
{
"category": "general",
"text": "The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6671",
"url": "https://www.suse.com/security/cve/CVE-2013-6671"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-6671",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-6671"
},
{
"cve": "CVE-2013-6672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6672"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6672",
"url": "https://www.suse.com/security/cve/CVE-2013-6672"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-6672",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6672"
},
{
"cve": "CVE-2013-6673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6673"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user\u0027s removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6673",
"url": "https://www.suse.com/security/cve/CVE-2013-6673"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-6673",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6673"
},
{
"cve": "CVE-2014-1477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1477"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1477",
"url": "https://www.suse.com/security/cve/CVE-2014-1477"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1477",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862345 for CVE-2014-1477",
"url": "https://bugzilla.suse.com/862345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1477"
},
{
"cve": "CVE-2014-1478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1478"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1478",
"url": "https://www.suse.com/security/cve/CVE-2014-1478"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1478",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1478"
},
{
"cve": "CVE-2014-1479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1479"
}
],
"notes": [
{
"category": "general",
"text": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1479",
"url": "https://www.suse.com/security/cve/CVE-2014-1479"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1479",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862348 for CVE-2014-1479",
"url": "https://bugzilla.suse.com/862348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1479"
},
{
"cve": "CVE-2014-1480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1480"
}
],
"notes": [
{
"category": "general",
"text": "The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1480",
"url": "https://www.suse.com/security/cve/CVE-2014-1480"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1480",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1480"
},
{
"cve": "CVE-2014-1481",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1481"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1481",
"url": "https://www.suse.com/security/cve/CVE-2014-1481"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1481",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862309 for CVE-2014-1481",
"url": "https://bugzilla.suse.com/862309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1481"
},
{
"cve": "CVE-2014-1482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1482"
}
],
"notes": [
{
"category": "general",
"text": "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1482",
"url": "https://www.suse.com/security/cve/CVE-2014-1482"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1482",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862356 for CVE-2014-1482",
"url": "https://bugzilla.suse.com/862356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1482"
},
{
"cve": "CVE-2014-1483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1483"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1483",
"url": "https://www.suse.com/security/cve/CVE-2014-1483"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1483",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862360 for CVE-2014-1483",
"url": "https://bugzilla.suse.com/862360"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1483"
},
{
"cve": "CVE-2014-1485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1485"
}
],
"notes": [
{
"category": "general",
"text": "The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1485",
"url": "https://www.suse.com/security/cve/CVE-2014-1485"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1485",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1485"
},
{
"cve": "CVE-2014-1486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1486"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1486",
"url": "https://www.suse.com/security/cve/CVE-2014-1486"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1486",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1486"
},
{
"cve": "CVE-2014-1487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1487"
}
],
"notes": [
{
"category": "general",
"text": "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1487",
"url": "https://www.suse.com/security/cve/CVE-2014-1487"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1487",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1487"
},
{
"cve": "CVE-2014-1488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1488"
}
],
"notes": [
{
"category": "general",
"text": "The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1488",
"url": "https://www.suse.com/security/cve/CVE-2014-1488"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1488",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1488"
},
{
"cve": "CVE-2014-1490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1490"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1490",
"url": "https://www.suse.com/security/cve/CVE-2014-1490"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1490",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862300 for CVE-2014-1490",
"url": "https://bugzilla.suse.com/862300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1490"
},
{
"cve": "CVE-2014-1491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1491"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1491",
"url": "https://www.suse.com/security/cve/CVE-2014-1491"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1491",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862289 for CVE-2014-1491",
"url": "https://bugzilla.suse.com/862289"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1491"
},
{
"cve": "CVE-2014-1492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1492"
}
],
"notes": [
{
"category": "general",
"text": "The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name\u0027s U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1492",
"url": "https://www.suse.com/security/cve/CVE-2014-1492"
},
{
"category": "external",
"summary": "SUSE Bug 869827 for CVE-2014-1492",
"url": "https://bugzilla.suse.com/869827"
},
{
"category": "external",
"summary": "SUSE Bug 926974 for CVE-2014-1492",
"url": "https://bugzilla.suse.com/926974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1492"
},
{
"cve": "CVE-2014-1493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1493"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1493",
"url": "https://www.suse.com/security/cve/CVE-2014-1493"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1493",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1493"
},
{
"cve": "CVE-2014-1494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1494"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1494",
"url": "https://www.suse.com/security/cve/CVE-2014-1494"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1494",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1494"
},
{
"cve": "CVE-2014-1497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1497"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1497",
"url": "https://www.suse.com/security/cve/CVE-2014-1497"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1497",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1497"
},
{
"cve": "CVE-2014-1498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1498"
}
],
"notes": [
{
"category": "general",
"text": "The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1498",
"url": "https://www.suse.com/security/cve/CVE-2014-1498"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1498",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1498"
},
{
"cve": "CVE-2014-1499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1499"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1499",
"url": "https://www.suse.com/security/cve/CVE-2014-1499"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1499",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1499"
},
{
"cve": "CVE-2014-1500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1500"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1500",
"url": "https://www.suse.com/security/cve/CVE-2014-1500"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1500",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1500"
},
{
"cve": "CVE-2014-1502",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1502"
}
],
"notes": [
{
"category": "general",
"text": "The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1502",
"url": "https://www.suse.com/security/cve/CVE-2014-1502"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1502",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1502"
},
{
"cve": "CVE-2014-1504",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1504"
}
],
"notes": [
{
"category": "general",
"text": "The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1504",
"url": "https://www.suse.com/security/cve/CVE-2014-1504"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1504",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1504"
},
{
"cve": "CVE-2014-1505",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1505"
}
],
"notes": [
{
"category": "general",
"text": "The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1505",
"url": "https://www.suse.com/security/cve/CVE-2014-1505"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1505",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1505"
},
{
"cve": "CVE-2014-1508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1508"
}
],
"notes": [
{
"category": "general",
"text": "The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1508",
"url": "https://www.suse.com/security/cve/CVE-2014-1508"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1508",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1508"
},
{
"cve": "CVE-2014-1509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1509"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1509",
"url": "https://www.suse.com/security/cve/CVE-2014-1509"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1509",
"url": "https://bugzilla.suse.com/868603"
},
{
"category": "external",
"summary": "SUSE Bug 869339 for CVE-2014-1509",
"url": "https://bugzilla.suse.com/869339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1509"
},
{
"cve": "CVE-2014-1510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1510"
}
],
"notes": [
{
"category": "general",
"text": "The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1510",
"url": "https://www.suse.com/security/cve/CVE-2014-1510"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1510",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1510"
},
{
"cve": "CVE-2014-1511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1511"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1511",
"url": "https://www.suse.com/security/cve/CVE-2014-1511"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1511",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1511"
},
{
"cve": "CVE-2014-1512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1512"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1512",
"url": "https://www.suse.com/security/cve/CVE-2014-1512"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1512",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1512"
},
{
"cve": "CVE-2014-1513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1513"
}
],
"notes": [
{
"category": "general",
"text": "TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1513",
"url": "https://www.suse.com/security/cve/CVE-2014-1513"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1513",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1513"
},
{
"cve": "CVE-2014-1514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1514"
}
],
"notes": [
{
"category": "general",
"text": "vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1514",
"url": "https://www.suse.com/security/cve/CVE-2014-1514"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1514",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1514"
},
{
"cve": "CVE-2014-1518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1518"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1518",
"url": "https://www.suse.com/security/cve/CVE-2014-1518"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1518",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1518"
},
{
"cve": "CVE-2014-1519",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1519"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1519",
"url": "https://www.suse.com/security/cve/CVE-2014-1519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1519"
},
{
"cve": "CVE-2014-1522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1522"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1522",
"url": "https://www.suse.com/security/cve/CVE-2014-1522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1522"
},
{
"cve": "CVE-2014-1523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1523"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1523",
"url": "https://www.suse.com/security/cve/CVE-2014-1523"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1523",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1523"
},
{
"cve": "CVE-2014-1524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1524"
}
],
"notes": [
{
"category": "general",
"text": "The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1524",
"url": "https://www.suse.com/security/cve/CVE-2014-1524"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1524",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1524"
},
{
"cve": "CVE-2014-1525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1525"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1525",
"url": "https://www.suse.com/security/cve/CVE-2014-1525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1525"
},
{
"cve": "CVE-2014-1526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1526"
}
],
"notes": [
{
"category": "general",
"text": "The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1526",
"url": "https://www.suse.com/security/cve/CVE-2014-1526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1526"
},
{
"cve": "CVE-2014-1528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1528"
}
],
"notes": [
{
"category": "general",
"text": "The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1528",
"url": "https://www.suse.com/security/cve/CVE-2014-1528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1528"
},
{
"cve": "CVE-2014-1529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1529"
}
],
"notes": [
{
"category": "general",
"text": "The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1529",
"url": "https://www.suse.com/security/cve/CVE-2014-1529"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1529",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1529"
},
{
"cve": "CVE-2014-1530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1530"
}
],
"notes": [
{
"category": "general",
"text": "The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1530",
"url": "https://www.suse.com/security/cve/CVE-2014-1530"
},
{
"category": "external",
"summary": "SUSE Bug 875378 for CVE-2014-1530",
"url": "https://bugzilla.suse.com/875378"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1530",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1530"
},
{
"cve": "CVE-2014-1531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1531"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1531",
"url": "https://www.suse.com/security/cve/CVE-2014-1531"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1531",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1531"
},
{
"cve": "CVE-2014-1532",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1532"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1532",
"url": "https://www.suse.com/security/cve/CVE-2014-1532"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1532",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1532"
},
{
"cve": "CVE-2014-1533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1533"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1533",
"url": "https://www.suse.com/security/cve/CVE-2014-1533"
},
{
"category": "external",
"summary": "SUSE Bug 881874 for CVE-2014-1533",
"url": "https://bugzilla.suse.com/881874"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1533"
},
{
"cve": "CVE-2014-1534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1534"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1534",
"url": "https://www.suse.com/security/cve/CVE-2014-1534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1534"
},
{
"cve": "CVE-2014-1536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1536"
}
],
"notes": [
{
"category": "general",
"text": "The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1536",
"url": "https://www.suse.com/security/cve/CVE-2014-1536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1536"
},
{
"cve": "CVE-2014-1537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1537"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1537",
"url": "https://www.suse.com/security/cve/CVE-2014-1537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1537"
},
{
"cve": "CVE-2014-1538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1538"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1538",
"url": "https://www.suse.com/security/cve/CVE-2014-1538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1538"
},
{
"cve": "CVE-2014-1539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1539"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1539",
"url": "https://www.suse.com/security/cve/CVE-2014-1539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1539"
},
{
"cve": "CVE-2014-1540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1540"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1540",
"url": "https://www.suse.com/security/cve/CVE-2014-1540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1540"
},
{
"cve": "CVE-2014-1541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1541"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1541",
"url": "https://www.suse.com/security/cve/CVE-2014-1541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1541"
},
{
"cve": "CVE-2014-1542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1542"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1542",
"url": "https://www.suse.com/security/cve/CVE-2014-1542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1542"
},
{
"cve": "CVE-2014-1543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1543"
}
],
"notes": [
{
"category": "general",
"text": "Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1543",
"url": "https://www.suse.com/security/cve/CVE-2014-1543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1543"
},
{
"cve": "CVE-2014-1545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1545"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1545",
"url": "https://www.suse.com/security/cve/CVE-2014-1545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1545"
},
{
"cve": "CVE-2014-1574",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1574"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1574",
"url": "https://www.suse.com/security/cve/CVE-2014-1574"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1574",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1574"
},
{
"cve": "CVE-2014-1575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1575"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between threading and garbage collection in the GCRuntime::triggerGC function in js/src/jsgc.cpp, and unknown other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1575",
"url": "https://www.suse.com/security/cve/CVE-2014-1575"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1575",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1575"
},
{
"cve": "CVE-2014-1576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1576"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization style.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1576",
"url": "https://www.suse.com/security/cve/CVE-2014-1576"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1576",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1576"
},
{
"cve": "CVE-2014-1577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1577"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via an invalid custom waveform that triggers a calculation of a negative frequency value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1577",
"url": "https://www.suse.com/security/cve/CVE-2014-1577"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1577",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1577"
},
{
"cve": "CVE-2014-1578",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1578"
}
],
"notes": [
{
"category": "general",
"text": "The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1578",
"url": "https://www.suse.com/security/cve/CVE-2014-1578"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1578",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1578"
},
{
"cve": "CVE-2014-1580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1580"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1580",
"url": "https://www.suse.com/security/cve/CVE-2014-1580"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1580",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1580"
},
{
"cve": "CVE-2014-1581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1581"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1581",
"url": "https://www.suse.com/security/cve/CVE-2014-1581"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1581",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1581"
},
{
"cve": "CVE-2014-1582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1582"
}
],
"notes": [
{
"category": "general",
"text": "The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 does not properly consider the connection-coalescing behavior of SPDY and HTTP/2 in the case of a shared IP address, which allows man-in-the-middle attackers to bypass an intended pinning configuration and spoof a web site by providing a valid certificate from an arbitrary recognized Certification Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1582",
"url": "https://www.suse.com/security/cve/CVE-2014-1582"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1582",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1582"
},
{
"cve": "CVE-2014-1583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1583"
}
],
"notes": [
{
"category": "general",
"text": "The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1583",
"url": "https://www.suse.com/security/cve/CVE-2014-1583"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1583",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1583"
},
{
"cve": "CVE-2014-1584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1584"
}
],
"notes": [
{
"category": "general",
"text": "The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 skips pinning checks upon an unspecified issuer-verification error, which makes it easier for remote attackers to bypass an intended pinning configuration and spoof a web site via a crafted certificate that leads to presentation of the Untrusted Connection dialog to the user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1584",
"url": "https://www.suse.com/security/cve/CVE-2014-1584"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1584",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1584"
},
{
"cve": "CVE-2014-1585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1585"
}
],
"notes": [
{
"category": "general",
"text": "The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain sensitive information from the local camera by maintaining a session after the user tries to discontinue streaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1585",
"url": "https://www.suse.com/security/cve/CVE-2014-1585"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1585",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1585"
},
{
"cve": "CVE-2014-1586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1586"
}
],
"notes": [
{
"category": "general",
"text": "content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1586",
"url": "https://www.suse.com/security/cve/CVE-2014-1586"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1586",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1586"
},
{
"cve": "CVE-2014-1587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1587"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1587",
"url": "https://www.suse.com/security/cve/CVE-2014-1587"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1587",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1587"
},
{
"cve": "CVE-2014-1588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1588"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1588",
"url": "https://www.suse.com/security/cve/CVE-2014-1588"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1588",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1588"
},
{
"cve": "CVE-2014-1589",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1589"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1589",
"url": "https://www.suse.com/security/cve/CVE-2014-1589"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1589",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1589"
},
{
"cve": "CVE-2014-1590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1590"
}
],
"notes": [
{
"category": "general",
"text": "The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service (application crash) via a crafted JavaScript object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1590",
"url": "https://www.suse.com/security/cve/CVE-2014-1590"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1590",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1590"
},
{
"cve": "CVE-2014-1591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1591"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after a redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1591",
"url": "https://www.suse.com/security/cve/CVE-2014-1591"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1591",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1591"
},
{
"cve": "CVE-2014-1592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1592"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code by adding a second root element to an HTML5 document during parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1592",
"url": "https://www.suse.com/security/cve/CVE-2014-1592"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1592",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1592"
},
{
"cve": "CVE-2014-1593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1593"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1593",
"url": "https://www.suse.com/security/cve/CVE-2014-1593"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1593",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1593"
},
{
"cve": "CVE-2014-1594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1594"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1594",
"url": "https://www.suse.com/security/cve/CVE-2014-1594"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1594",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1594"
},
{
"cve": "CVE-2014-8634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8634"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8634",
"url": "https://www.suse.com/security/cve/CVE-2014-8634"
},
{
"category": "external",
"summary": "SUSE Bug 913064 for CVE-2014-8634",
"url": "https://bugzilla.suse.com/913064"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8634",
"url": "https://bugzilla.suse.com/913096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8634"
},
{
"cve": "CVE-2014-8635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8635"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8635",
"url": "https://www.suse.com/security/cve/CVE-2014-8635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8635"
},
{
"cve": "CVE-2014-8636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8636"
}
],
"notes": [
{
"category": "general",
"text": "The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8636",
"url": "https://www.suse.com/security/cve/CVE-2014-8636"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8636",
"url": "https://bugzilla.suse.com/913096"
},
{
"category": "external",
"summary": "SUSE Bug 913102 for CVE-2014-8636",
"url": "https://bugzilla.suse.com/913102"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8636"
},
{
"cve": "CVE-2014-8637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8637"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8637",
"url": "https://www.suse.com/security/cve/CVE-2014-8637"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8637",
"url": "https://bugzilla.suse.com/913096"
},
{
"category": "external",
"summary": "SUSE Bug 913103 for CVE-2014-8637",
"url": "https://bugzilla.suse.com/913103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8637"
},
{
"cve": "CVE-2014-8638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8638"
}
],
"notes": [
{
"category": "general",
"text": "The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8638",
"url": "https://www.suse.com/security/cve/CVE-2014-8638"
},
{
"category": "external",
"summary": "SUSE Bug 913068 for CVE-2014-8638",
"url": "https://bugzilla.suse.com/913068"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8638",
"url": "https://bugzilla.suse.com/913096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8638"
},
{
"cve": "CVE-2014-8639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8639"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows remote HTTP proxy servers to conduct session fixation attacks by providing a cookie name that corresponds to the session cookie of the origin server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8639",
"url": "https://www.suse.com/security/cve/CVE-2014-8639"
},
{
"category": "external",
"summary": "SUSE Bug 913066 for CVE-2014-8639",
"url": "https://bugzilla.suse.com/913066"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8639",
"url": "https://bugzilla.suse.com/913096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8639"
},
{
"cve": "CVE-2014-8640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8640"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8640",
"url": "https://www.suse.com/security/cve/CVE-2014-8640"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8640",
"url": "https://bugzilla.suse.com/913096"
},
{
"category": "external",
"summary": "SUSE Bug 913104 for CVE-2014-8640",
"url": "https://bugzilla.suse.com/913104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8640"
},
{
"cve": "CVE-2014-8641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8641"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8641",
"url": "https://www.suse.com/security/cve/CVE-2014-8641"
},
{
"category": "external",
"summary": "SUSE Bug 913067 for CVE-2014-8641",
"url": "https://bugzilla.suse.com/913067"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8641",
"url": "https://bugzilla.suse.com/913096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8641"
},
{
"cve": "CVE-2014-8642",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8642"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during a session in which there was an incorrect decision to accept a compromised and revoked certificate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8642",
"url": "https://www.suse.com/security/cve/CVE-2014-8642"
},
{
"category": "external",
"summary": "SUSE Bug 913222 for CVE-2014-8642",
"url": "https://bugzilla.suse.com/913222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8642"
},
{
"cve": "CVE-2014-8643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8643"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 35.0 on Windows allows remote attackers to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the OpenH264 plugin\u0027s process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8643",
"url": "https://www.suse.com/security/cve/CVE-2014-8643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8643"
},
{
"cve": "CVE-2015-0817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0817"
}
],
"notes": [
{
"category": "general",
"text": "The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0817",
"url": "https://www.suse.com/security/cve/CVE-2015-0817"
},
{
"category": "external",
"summary": "SUSE Bug 923495 for CVE-2015-0817",
"url": "https://bugzilla.suse.com/923495"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0817",
"url": "https://bugzilla.suse.com/923534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0817"
},
{
"cve": "CVE-2015-0818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0818"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0818",
"url": "https://www.suse.com/security/cve/CVE-2015-0818"
},
{
"category": "external",
"summary": "SUSE Bug 923495 for CVE-2015-0818",
"url": "https://bugzilla.suse.com/923495"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0818",
"url": "https://bugzilla.suse.com/923534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0818"
},
{
"cve": "CVE-2015-0819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0819"
}
],
"notes": [
{
"category": "general",
"text": "The UITour::onPageEvent function in Mozilla Firefox before 36.0 does not ensure that an API call originates from a foreground tab, which allows remote attackers to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0819",
"url": "https://www.suse.com/security/cve/CVE-2015-0819"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0819",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0819"
},
{
"cve": "CVE-2015-0820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0820"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0820",
"url": "https://www.suse.com/security/cve/CVE-2015-0820"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0820",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0820"
},
{
"cve": "CVE-2015-0821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0821"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 36.0 allows user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0821",
"url": "https://www.suse.com/security/cve/CVE-2015-0821"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0821",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0821"
},
{
"cve": "CVE-2015-0822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0822"
}
],
"notes": [
{
"category": "general",
"text": "The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0822",
"url": "https://www.suse.com/security/cve/CVE-2015-0822"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0822",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0822",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0822",
"url": "https://bugzilla.suse.com/923534"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0822",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0822"
},
{
"cve": "CVE-2015-0823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0823"
}
],
"notes": [
{
"category": "general",
"text": "Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox before 36.0, might allow remote attackers to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, related to the ots::ots_gasp_parse function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0823",
"url": "https://www.suse.com/security/cve/CVE-2015-0823"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0823",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0823"
},
{
"cve": "CVE-2015-0824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0824"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 36.0 allows remote attackers to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger use of DrawTarget and the Cairo library for image drawing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0824",
"url": "https://www.suse.com/security/cve/CVE-2015-0824"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0824",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0824"
},
{
"cve": "CVE-2015-0825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0825"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox before 36.0 allows remote attackers to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts with memory allocation during playback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0825",
"url": "https://www.suse.com/security/cve/CVE-2015-0825"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0825",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0825"
},
{
"cve": "CVE-2015-0826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0826"
}
],
"notes": [
{
"category": "general",
"text": "The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0826",
"url": "https://www.suse.com/security/cve/CVE-2015-0826"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0826",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0826"
},
{
"cve": "CVE-2015-0827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0827"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0827",
"url": "https://www.suse.com/security/cve/CVE-2015-0827"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0827",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0827",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0827",
"url": "https://bugzilla.suse.com/923534"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0827",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0827"
},
{
"cve": "CVE-2015-0828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0828"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0828",
"url": "https://www.suse.com/security/cve/CVE-2015-0828"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0828",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0828"
},
{
"cve": "CVE-2015-0829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0829"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0829",
"url": "https://www.suse.com/security/cve/CVE-2015-0829"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0829",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0829"
},
{
"cve": "CVE-2015-0830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0830"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL implementation in Mozilla Firefox before 36.0 does not properly allocate memory for copying an unspecified string to a shader\u0027s compilation log, which allows remote attackers to cause a denial of service (application crash) via crafted WebGL content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0830",
"url": "https://www.suse.com/security/cve/CVE-2015-0830"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0830",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0830"
},
{
"cve": "CVE-2015-0831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0831"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0831",
"url": "https://www.suse.com/security/cve/CVE-2015-0831"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0831",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0831",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0831",
"url": "https://bugzilla.suse.com/923534"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0831",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0831"
},
{
"cve": "CVE-2015-0832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0832"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle attackers to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and leveraging access to an X.509 certificate for a domain with this character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0832",
"url": "https://www.suse.com/security/cve/CVE-2015-0832"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0832",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0832"
},
{
"cve": "CVE-2015-0833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0833"
}
],
"notes": [
{
"category": "general",
"text": "Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 on Windows, when the Maintenance Service is not used, allow local users to gain privileges via a Trojan horse DLL in (1) the current working directory or (2) a temporary directory, as demonstrated by bcrypt.dll.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0833",
"url": "https://www.suse.com/security/cve/CVE-2015-0833"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0833",
"url": "https://bugzilla.suse.com/923534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-0833"
},
{
"cve": "CVE-2015-0834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0834"
}
],
"notes": [
{
"category": "general",
"text": "The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to discover credentials by spoofing a server and completing a brute-force attack within a short time window.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0834",
"url": "https://www.suse.com/security/cve/CVE-2015-0834"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0834",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0834"
},
{
"cve": "CVE-2015-0835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0835"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0835",
"url": "https://www.suse.com/security/cve/CVE-2015-0835"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0835",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0835",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0835",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0835"
},
{
"cve": "CVE-2015-0836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0836"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0836",
"url": "https://www.suse.com/security/cve/CVE-2015-0836"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0836",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0836",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0836",
"url": "https://bugzilla.suse.com/923534"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0836",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0836"
},
{
"cve": "CVE-2015-4500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4500"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4500",
"url": "https://www.suse.com/security/cve/CVE-2015-4500"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4500",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4500"
},
{
"cve": "CVE-2015-4501",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4501"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4501",
"url": "https://www.suse.com/security/cve/CVE-2015-4501"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4501",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4501"
},
{
"cve": "CVE-2015-4502",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4502"
}
],
"notes": [
{
"category": "general",
"text": "js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4502",
"url": "https://www.suse.com/security/cve/CVE-2015-4502"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4502",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4502"
},
{
"cve": "CVE-2015-4503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4503"
}
],
"notes": [
{
"category": "general",
"text": "The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4503",
"url": "https://www.suse.com/security/cve/CVE-2015-4503"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4503",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4503"
},
{
"cve": "CVE-2015-4504",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4504"
}
],
"notes": [
{
"category": "general",
"text": "The lut_inverse_interp16 function in the QCMS library in Mozilla Firefox before 41.0 allows remote attackers to obtain sensitive information or cause a denial of service (buffer over-read and application crash) via crafted attributes in the ICC 4 profile of an image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4504",
"url": "https://www.suse.com/security/cve/CVE-2015-4504"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4504",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4504"
},
{
"cve": "CVE-2015-4505",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4505"
}
],
"notes": [
{
"category": "general",
"text": "updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4505",
"url": "https://www.suse.com/security/cve/CVE-2015-4505"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4505",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4505"
},
{
"cve": "CVE-2015-4506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4506"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4506",
"url": "https://www.suse.com/security/cve/CVE-2015-4506"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4506",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4506"
},
{
"cve": "CVE-2015-4507",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4507"
}
],
"notes": [
{
"category": "general",
"text": "The SavedStacks class in the JavaScript implementation in Mozilla Firefox before 41.0, when the Debugger API is enabled, allows remote attackers to cause a denial of service (getSlotRef assertion failure and application exit) or possibly execute arbitrary code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4507",
"url": "https://www.suse.com/security/cve/CVE-2015-4507"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4507",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4507"
},
{
"cve": "CVE-2015-4509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4509"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4509",
"url": "https://www.suse.com/security/cve/CVE-2015-4509"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4509",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4509"
},
{
"cve": "CVE-2015-4510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4510"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) by leveraging improper interaction between shared workers and the IndexedDB implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4510",
"url": "https://www.suse.com/security/cve/CVE-2015-4510"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4510",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4510"
},
{
"cve": "CVE-2015-4511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4511"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4511",
"url": "https://www.suse.com/security/cve/CVE-2015-4511"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4511",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4511"
},
{
"cve": "CVE-2015-4512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4512"
}
],
"notes": [
{
"category": "general",
"text": "gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4512",
"url": "https://www.suse.com/security/cve/CVE-2015-4512"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4512",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4512"
},
{
"cve": "CVE-2015-4513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4513"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4513",
"url": "https://www.suse.com/security/cve/CVE-2015-4513"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-4513",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4513"
},
{
"cve": "CVE-2015-4514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4514"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4514",
"url": "https://www.suse.com/security/cve/CVE-2015-4514"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-4514",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4514"
},
{
"cve": "CVE-2015-4515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4515"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0, when NTLM v1 is enabled for HTTP authentication, allows remote attackers to obtain sensitive hostname information by constructing a crafted web site that sends an NTLM request and reads the Workstation field of an NTLM type 3 message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4515",
"url": "https://www.suse.com/security/cve/CVE-2015-4515"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-4515",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4515"
},
{
"cve": "CVE-2015-4516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4516"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4516",
"url": "https://www.suse.com/security/cve/CVE-2015-4516"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4516",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4516"
},
{
"cve": "CVE-2015-4517",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4517"
}
],
"notes": [
{
"category": "general",
"text": "NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4517",
"url": "https://www.suse.com/security/cve/CVE-2015-4517"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4517",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4517"
},
{
"cve": "CVE-2015-4518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4518"
}
],
"notes": [
{
"category": "general",
"text": "The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4518",
"url": "https://www.suse.com/security/cve/CVE-2015-4518"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-4518",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4518"
},
{
"cve": "CVE-2015-4519",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4519"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect\u0027s target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4519",
"url": "https://www.suse.com/security/cve/CVE-2015-4519"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4519",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4519"
},
{
"cve": "CVE-2015-4520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4520"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4520",
"url": "https://www.suse.com/security/cve/CVE-2015-4520"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4520",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4520"
},
{
"cve": "CVE-2015-4521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4521"
}
],
"notes": [
{
"category": "general",
"text": "The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4521",
"url": "https://www.suse.com/security/cve/CVE-2015-4521"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4521",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4521"
},
{
"cve": "CVE-2015-4522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4522"
}
],
"notes": [
{
"category": "general",
"text": "The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an \"overflow.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4522",
"url": "https://www.suse.com/security/cve/CVE-2015-4522"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4522",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4522"
},
{
"cve": "CVE-2015-7174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7174"
}
],
"notes": [
{
"category": "general",
"text": "The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an \"overflow.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7174",
"url": "https://www.suse.com/security/cve/CVE-2015-7174"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7174",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7174"
},
{
"cve": "CVE-2015-7175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7175"
}
],
"notes": [
{
"category": "general",
"text": "The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an \"overflow.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7175",
"url": "https://www.suse.com/security/cve/CVE-2015-7175"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7175",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7175"
},
{
"cve": "CVE-2015-7176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7176"
}
],
"notes": [
{
"category": "general",
"text": "The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7176",
"url": "https://www.suse.com/security/cve/CVE-2015-7176"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7176",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7176"
},
{
"cve": "CVE-2015-7177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7177"
}
],
"notes": [
{
"category": "general",
"text": "The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7177",
"url": "https://www.suse.com/security/cve/CVE-2015-7177"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7177",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7177"
},
{
"cve": "CVE-2015-7178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7178"
}
],
"notes": [
{
"category": "general",
"text": "The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted (1) OpenGL or (2) WebGL content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7178",
"url": "https://www.suse.com/security/cve/CVE-2015-7178"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7178",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7178"
},
{
"cve": "CVE-2015-7179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7179"
}
],
"notes": [
{
"category": "general",
"text": "The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted (1) OpenGL or (2) WebGL content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7179",
"url": "https://www.suse.com/security/cve/CVE-2015-7179"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7179",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7179"
},
{
"cve": "CVE-2015-7180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7180"
}
],
"notes": [
{
"category": "general",
"text": "The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7180",
"url": "https://www.suse.com/security/cve/CVE-2015-7180"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7180",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7180"
},
{
"cve": "CVE-2015-7181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7181"
}
],
"notes": [
{
"category": "general",
"text": "The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a \"use-after-poison\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7181",
"url": "https://www.suse.com/security/cve/CVE-2015-7181"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7181",
"url": "https://bugzilla.suse.com/952810"
},
{
"category": "external",
"summary": "SUSE Bug 962977 for CVE-2015-7181",
"url": "https://bugzilla.suse.com/962977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7181"
},
{
"cve": "CVE-2015-7182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7182"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7182",
"url": "https://www.suse.com/security/cve/CVE-2015-7182"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7182",
"url": "https://bugzilla.suse.com/952810"
},
{
"category": "external",
"summary": "SUSE Bug 962977 for CVE-2015-7182",
"url": "https://bugzilla.suse.com/962977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7182"
},
{
"cve": "CVE-2015-7183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7183"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7183",
"url": "https://www.suse.com/security/cve/CVE-2015-7183"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7183",
"url": "https://bugzilla.suse.com/952810"
},
{
"category": "external",
"summary": "SUSE Bug 962977 for CVE-2015-7183",
"url": "https://bugzilla.suse.com/962977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7183"
},
{
"cve": "CVE-2015-7185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7185"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7185",
"url": "https://www.suse.com/security/cve/CVE-2015-7185"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7185",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7185"
},
{
"cve": "CVE-2015-7186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7186"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 on Android allows user-assisted remote attackers to bypass the Same Origin Policy and trigger (1) a download or (2) cached profile-data reading via a file: URL in a saved HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7186",
"url": "https://www.suse.com/security/cve/CVE-2015-7186"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7186",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7186"
},
{
"cve": "CVE-2015-7187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7187"
}
],
"notes": [
{
"category": "general",
"text": "The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a \"script: false\" panel setting, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via inline JavaScript code that is executed within a third-party extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7187",
"url": "https://www.suse.com/security/cve/CVE-2015-7187"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7187",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7187"
},
{
"cve": "CVE-2015-7188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7188"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7188",
"url": "https://www.suse.com/security/cve/CVE-2015-7188"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7188",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7188"
},
{
"cve": "CVE-2015-7189",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7189"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7189",
"url": "https://www.suse.com/security/cve/CVE-2015-7189"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7189",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7189"
},
{
"cve": "CVE-2015-7190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7190"
}
],
"notes": [
{
"category": "general",
"text": "The Search feature in Mozilla Firefox before 42.0 on Android through 4.4 supports search-engine URL registration through an intent and can access this URL in a privileged context in conjunction with the crash reporter, which allows attackers to read log files and visit file: URLs of HTML documents via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7190",
"url": "https://www.suse.com/security/cve/CVE-2015-7190"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7190",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7190"
},
{
"cve": "CVE-2015-7191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7191"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving an intent: URL and fallback navigation, aka \"Universal XSS (UXSS).\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7191",
"url": "https://www.suse.com/security/cve/CVE-2015-7191"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7191",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7191"
},
{
"cve": "CVE-2015-7192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7192"
}
],
"notes": [
{
"category": "general",
"text": "The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X improperly interacts with the implementation of the TABLE element, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using an NSAccessibilityIndexAttribute value to reference a row index.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7192",
"url": "https://www.suse.com/security/cve/CVE-2015-7192"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7192",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7192"
},
{
"cve": "CVE-2015-7193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7193"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly follow the CORS cross-origin request algorithm for the POST method in situations involving an unspecified Content-Type header manipulation, which allows remote attackers to bypass the Same Origin Policy by leveraging the lack of a preflight-request step.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7193",
"url": "https://www.suse.com/security/cve/CVE-2015-7193"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7193",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7193"
},
{
"cve": "CVE-2015-7194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7194"
}
],
"notes": [
{
"category": "general",
"text": "Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP archive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7194",
"url": "https://www.suse.com/security/cve/CVE-2015-7194"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7194",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7194"
},
{
"cve": "CVE-2015-7195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7195"
}
],
"notes": [
{
"category": "general",
"text": "The URL parsing implementation in Mozilla Firefox before 42.0 improperly recognizes escaped characters in hostnames within Location headers, which allows remote attackers to obtain sensitive information via vectors involving a redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7195",
"url": "https://www.suse.com/security/cve/CVE-2015-7195"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7195",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7195"
},
{
"cve": "CVE-2015-7196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7196"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript wrapper.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7196",
"url": "https://www.suse.com/security/cve/CVE-2015-7196"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7196",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7196"
},
{
"cve": "CVE-2015-7197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7197"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-content restrictions via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7197",
"url": "https://www.suse.com/security/cve/CVE-2015-7197"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7197",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7197"
},
{
"cve": "CVE-2015-7198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7198"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted texture data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7198",
"url": "https://www.suse.com/security/cve/CVE-2015-7198"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7198",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7198"
},
{
"cve": "CVE-2015-7199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7199"
}
],
"notes": [
{
"category": "general",
"text": "The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted SVG document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7199",
"url": "https://www.suse.com/security/cve/CVE-2015-7199"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7199",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7199"
},
{
"cve": "CVE-2015-7200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7200"
}
],
"notes": [
{
"category": "general",
"text": "The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers to have an unspecified impact via vectors related to a cryptographic key.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7200",
"url": "https://www.suse.com/security/cve/CVE-2015-7200"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7200",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7200"
},
{
"cve": "CVE-2015-7201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7201"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7201",
"url": "https://www.suse.com/security/cve/CVE-2015-7201"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7201",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7201"
},
{
"cve": "CVE-2015-7202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7202"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7202",
"url": "https://www.suse.com/security/cve/CVE-2015-7202"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7202",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7202"
},
{
"cve": "CVE-2015-7203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7203"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font-family name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7203",
"url": "https://www.suse.com/security/cve/CVE-2015-7203"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7203",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7203"
},
{
"cve": "CVE-2015-7204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7204"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7204",
"url": "https://www.suse.com/security/cve/CVE-2015-7204"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7204",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7204"
},
{
"cve": "CVE-2015-7205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7205"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7205",
"url": "https://www.suse.com/security/cve/CVE-2015-7205"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7205",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7205"
},
{
"cve": "CVE-2015-7207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7207"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 43.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls, a related issue to CVE-2015-1300.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7207",
"url": "https://www.suse.com/security/cve/CVE-2015-7207"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7207",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7207"
},
{
"cve": "CVE-2015-7208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7208"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 43.0 stores cookies containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7208",
"url": "https://www.suse.com/security/cve/CVE-2015-7208"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7208",
"url": "https://bugzilla.suse.com/959277"
},
{
"category": "external",
"summary": "SUSE Bug 963637 for CVE-2015-7208",
"url": "https://bugzilla.suse.com/963637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7208"
},
{
"cve": "CVE-2015-7210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7210"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7210",
"url": "https://www.suse.com/security/cve/CVE-2015-7210"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7210",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7210"
},
{
"cve": "CVE-2015-7211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7211"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7211",
"url": "https://www.suse.com/security/cve/CVE-2015-7211"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7211",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7211"
},
{
"cve": "CVE-2015-7212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7212"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7212",
"url": "https://www.suse.com/security/cve/CVE-2015-7212"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7212",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7212"
},
{
"cve": "CVE-2015-7213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7213"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7213",
"url": "https://www.suse.com/security/cve/CVE-2015-7213"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7213",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7213"
},
{
"cve": "CVE-2015-7214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7214"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7214",
"url": "https://www.suse.com/security/cve/CVE-2015-7214"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7214",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7214"
},
{
"cve": "CVE-2015-7215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7215"
}
],
"notes": [
{
"category": "general",
"text": "The importScripts function in the Web Workers API implementation in Mozilla Firefox before 43.0 allows remote attackers to bypass the Same Origin Policy by triggering use of the no-cors mode in the fetch API to attempt resource access that throws an exception, leading to information disclosure after a rethrow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7215",
"url": "https://www.suse.com/security/cve/CVE-2015-7215"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7215",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7215"
},
{
"cve": "CVE-2015-7216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7216"
}
],
"notes": [
{
"category": "general",
"text": "The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7216",
"url": "https://www.suse.com/security/cve/CVE-2015-7216"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7216",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7216"
},
{
"cve": "CVE-2015-7217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7217"
}
],
"notes": [
{
"category": "general",
"text": "The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7217",
"url": "https://www.suse.com/security/cve/CVE-2015-7217"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7217",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7217"
},
{
"cve": "CVE-2015-7218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7218"
}
],
"notes": [
{
"category": "general",
"text": "The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header frame that triggers incorrect memory allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7218",
"url": "https://www.suse.com/security/cve/CVE-2015-7218"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7218",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7218"
},
{
"cve": "CVE-2015-7219",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7219"
}
],
"notes": [
{
"category": "general",
"text": "The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a malformed PushPromise frame that triggers decompressed-buffer length miscalculation and incorrect memory allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7219",
"url": "https://www.suse.com/security/cve/CVE-2015-7219"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7219",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7219"
},
{
"cve": "CVE-2015-7220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7220"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7220",
"url": "https://www.suse.com/security/cve/CVE-2015-7220"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7220",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7220"
},
{
"cve": "CVE-2015-7221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7221"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/nsDeque.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a deque size change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7221",
"url": "https://www.suse.com/security/cve/CVE-2015-7221"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7221",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7221"
},
{
"cve": "CVE-2015-7222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7222"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7222",
"url": "https://www.suse.com/security/cve/CVE-2015-7222"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7222",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7222"
},
{
"cve": "CVE-2015-7223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7223"
}
],
"notes": [
{
"category": "general",
"text": "The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7223",
"url": "https://www.suse.com/security/cve/CVE-2015-7223"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7223",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7223"
},
{
"cve": "CVE-2015-7575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7575"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7575",
"url": "https://www.suse.com/security/cve/CVE-2015-7575"
},
{
"category": "external",
"summary": "SUSE Bug 959888 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/959888"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 960996 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960996"
},
{
"category": "external",
"summary": "SUSE Bug 961280 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961280"
},
{
"category": "external",
"summary": "SUSE Bug 961281 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961281"
},
{
"category": "external",
"summary": "SUSE Bug 961282 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961282"
},
{
"category": "external",
"summary": "SUSE Bug 961283 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961283"
},
{
"category": "external",
"summary": "SUSE Bug 961284 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961284"
},
{
"category": "external",
"summary": "SUSE Bug 961290 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961290"
},
{
"category": "external",
"summary": "SUSE Bug 961357 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961357"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 967521 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/967521"
},
{
"category": "external",
"summary": "SUSE Bug 981087 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/981087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7575"
},
{
"cve": "CVE-2016-6354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-6354"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-6354",
"url": "https://www.suse.com/security/cve/CVE-2016-6354"
},
{
"category": "external",
"summary": "SUSE Bug 1026047 for CVE-2016-6354",
"url": "https://bugzilla.suse.com/1026047"
},
{
"category": "external",
"summary": "SUSE Bug 1035082 for CVE-2016-6354",
"url": "https://bugzilla.suse.com/1035082"
},
{
"category": "external",
"summary": "SUSE Bug 1035209 for CVE-2016-6354",
"url": "https://bugzilla.suse.com/1035209"
},
{
"category": "external",
"summary": "SUSE Bug 990856 for CVE-2016-6354",
"url": "https://bugzilla.suse.com/990856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:seamonkey-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-dom-inspector-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-irc-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-common-2.40-6.1.x86_64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.aarch64",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.ppc64le",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.s390x",
"openSUSE Tumbleweed:seamonkey-translations-other-2.40-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-6354"
}
]
}
OPENSUSE-SU-2024:10071-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
MozillaFirefox-50.1.0-1.1 on GA media
Notes
Title of the patch
MozillaFirefox-50.1.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the MozillaFirefox-50.1.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10071
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaFirefox-50.1.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaFirefox-50.1.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10071",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10071-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2008-5913 page",
"url": "https://www.suse.com/security/cve/CVE-2008-5913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0040 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0652 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0771 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0772 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0773 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0775 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0776 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0777 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1044 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1169 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1302 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1302/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1303 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1303/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1304 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1304/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1305 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1306 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1306/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1307 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1308 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1308/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1309 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1309/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1310 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1310/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1311 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1311/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1312 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1313 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1313/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1563 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-2470 page",
"url": "https://www.suse.com/security/cve/CVE-2009-2470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-2654 page",
"url": "https://www.suse.com/security/cve/CVE-2009-2654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3069 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3070 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3071 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3072 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3073 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3074 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3075 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3077 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3078 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3079 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3274 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3274/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3370 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3371 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3372 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3372/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3373 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3374 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3375 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3376 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3376/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3377 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3377/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3378 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3379 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3380 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3380/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3381 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3381/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3383 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3388 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3389 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3389/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3555 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3979 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3980 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3982 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3983 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3984 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3985 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0164 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0164/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0165 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0166 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0167 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0168 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0169 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0170 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0170/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0171 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0172 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0172/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0173 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0174 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0176 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0177 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0178 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0181 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0182 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0654 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1028 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1121 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1125 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1196 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1197 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1198 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1199 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1200 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1201 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1202 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1203 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1205 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1206 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1207 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1208 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1209 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1210 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1211 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1212 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1213 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1214 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1215 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2751 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2752 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2753 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2754 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2755 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2760 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2762 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2764 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2765 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2766 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2767 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2768 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2769 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3166 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3167 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3168 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3169 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3170 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3170/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3173 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3174 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3175 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3176 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3177 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3178 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3179 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3180 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3182 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3183 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3765 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0068 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0069 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0070 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0079 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0080 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0081 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0084 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-1187 page",
"url": "https://www.suse.com/security/cve/CVE-2011-1187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-1202 page",
"url": "https://www.suse.com/security/cve/CVE-2011-1202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2366 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2366/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2367 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2367/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2368 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2369 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2370 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2371 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2372 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2372/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2373 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2374 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2375 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2377 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2377/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2985 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2986 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2988 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2989 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2990 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2992 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2993 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2995 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2996 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2997 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3000 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3001 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3002 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3003 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3004 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3005 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3026 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3062 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3079 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3101 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3232 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3648 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3650 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3651 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3652 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3654 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3655 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3658 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3659 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3660 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3661 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3663 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0441 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0442 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0442/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0443 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0444 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0445 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0446 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0447 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0449 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0449/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0451 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0452 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0455 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0455/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0456 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0457 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0457/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0458 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0459 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0460 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0461 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0462 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0463 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0464 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0467 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0468 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0469 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0470 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0471 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0472 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0473 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0474 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0475 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0475/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0477 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0478 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0479 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0759 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1937 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1938 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1940 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1941 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1944 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1945 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1946 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1947 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1948 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1949 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1950 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1951 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1952 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1953 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1954 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1955 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1956 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1957 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1958 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1959 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1960 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1961 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1962 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1963 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1965 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1966 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1967 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1970 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1972 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1973 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1974 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1975 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1976 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-2808 page",
"url": "https://www.suse.com/security/cve/CVE-2012-2808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3956 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3957 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3958 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3959 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3960 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3961 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3962 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3963 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3964 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3965 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3966 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3967 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3968 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3969 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3970 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3971 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3972 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3973 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3975 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3976 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3978 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3980 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3982 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3983 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3984 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3985 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3986 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3988 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3989 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3990 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3991 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3992 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3993 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3994 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3995 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4179 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4180 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4181 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4182 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4183 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4184 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4185 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4186 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4187 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4188 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4191 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4192 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4193 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4194 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4195 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4196 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4201 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4202 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4203 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4204 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4205 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4207 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4208 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4209 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4210 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4212 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4213 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4214 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4215 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4216 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4217 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4218 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5829 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5830 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5833 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5835 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5836 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5837 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5838 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5839 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5840 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5841 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5842 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5843 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0743 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0744 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0745 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0746 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0746/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0747 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0748 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0749 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0750 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0751 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0752 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0753 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0754 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0755 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0756 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0757 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0758 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0760 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0761 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0762 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0763 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0764 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0765 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0766 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0767 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0768 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0769 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0770 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0771 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0772 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0773 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0775 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0776 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0777 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0778 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0778/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0779 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0780 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0781 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0782 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0783 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0787 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0788 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0789 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0792 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0793 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0794 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0795 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0796 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0800 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0801 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1669 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1670 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1671 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1674 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1675 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1676 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1677 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1677/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1678 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1679 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1680 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1681 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1682 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1683 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1684 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1685 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1686 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1687 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1688 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1690 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1692 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1693 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1694 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1695 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1696 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1697 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1698 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1699 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1701 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1702 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1704 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1705 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1708 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1709 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1710 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1711 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1713 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1714 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1717 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1718 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1719 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1720 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1721 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1722 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1723 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1724 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1725 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1728 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1730 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1732 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1735 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1736 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1737 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1738 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5590 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5591 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5592 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5593 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5595 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5596 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5597 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5598 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5599 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5599/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5600 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5601 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5602 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5603 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5604 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5609 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5610 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5611 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5612 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5613 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5614 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5615 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5616 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5618 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5619 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6629 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6630 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6671 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6672 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6672/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6673 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1477 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1478 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1479 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1480 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1481 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1481/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1482 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1483 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1484 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1484/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1485 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1486 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1486/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1487 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1488 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1489 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1490 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1491 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1492 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1493 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1494 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1497 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1497/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1498 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1499 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1500 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1502 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1502/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1504 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1504/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1505 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1505/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1508 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1509 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1510 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1511 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1512 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1513 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1514 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1514/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1518 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1519 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1519/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1522 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1523 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1524 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1525 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1526 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1528 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1529 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1530 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1531 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1532 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1532/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1533 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1534 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1536 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1537 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1538 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1539 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1540 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1541 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1542 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1543 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1544 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1545 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1547 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1548 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1549 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1550 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1552 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1553 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1554 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1554/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1555 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1556 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1557 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1557/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1558 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1558/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1559 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1560 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1561 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1561/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1562 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1562/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1563 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1564 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1564/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1565 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1567 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1567/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1574 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1574/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1575 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1576 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1577 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1578 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1578/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1580 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1581 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1582 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1583 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1584 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1585 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1586 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1587 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1588 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1589 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1589/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1590 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1591 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1592 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1593 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1594 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8634 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8635 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8636 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8637 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8638 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8639 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8640 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8641 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8642 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8642/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8643 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0798 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0799 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0800 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0801 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0802 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0803 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0804 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0805 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0806 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0807 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0808 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0810 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0811 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0813 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0814 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0815 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0816 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0817 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0818 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0819 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0820 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0821 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0822 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0823 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0824 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0825 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0826 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0827 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0828 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0829 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0830 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0831 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0832 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0833 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0834 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0835 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0836 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2706 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2708 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2710 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2711 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2712 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2712/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2713 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2715 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2716 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2717 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2718 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2721 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2722 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2724 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2725 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2726 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2727 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2728 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2729 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2730 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2731 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2733 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2734 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2735 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2736 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2737 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2738 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2739 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2740 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2741 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2742 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2743 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4000 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4473 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4474 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4475 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4475/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4476 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4477 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4478 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4479 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4480 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4481 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4481/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4482 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4483 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4484 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4484/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4485 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4486 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4486/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4487 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4488 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4489 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4490 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4491 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4492 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4493 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4495 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4497 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4497/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4498 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4500 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4501 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4501/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4502 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4502/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4503 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4504 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4504/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4505 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4505/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4506 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4507 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4507/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4508 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4509 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4510 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4511 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4512 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4513 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4514 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4514/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4515 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4516 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4517 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4517/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4518 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4519 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4519/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4520 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4521 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4522 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7174 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7175 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7176 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7177 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7178 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7179 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7180 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7181 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7182 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7183 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7184 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7185 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7186 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7187 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7188 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7189 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7190 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7191 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7192 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7193 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7194 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7195 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7196 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7197 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7198 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7199 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7200 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7201 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7202 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7203 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7204 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7205 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7207 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7208 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7210 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7211 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7212 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7213 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7214 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7215 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7216 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7217 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7218 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7219 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7219/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7220 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7221 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7222 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7223 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7575 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0718 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1930 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1931 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1933 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1935 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1937 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1938 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1939 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1942 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1942/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1943 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1944 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1945 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1946 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1947 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1949 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1950 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1952 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1953 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1954 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1955 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1956 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1957 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1958 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1959 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1960 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1961 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1962 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1963 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1964 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1965 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1966 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1967 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1968 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1970 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1971 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1972 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1973 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1974 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1975 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1976 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1977 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1979 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2790 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2791 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2792 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2793 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2794 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2795 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2796 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2797 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2798 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2799 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2800 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2801 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2802 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2804 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2806 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2807 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2808 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2809 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2810 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2811 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2812 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2813 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2814 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2815 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2816 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2817 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2818 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2819 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2820 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2821 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2822 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2824 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2825 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2827 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2828 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2829 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2830 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2831 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2832 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2833 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2834 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2835 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2836 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2837 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2838 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2839 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5250 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5251 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5252 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5253 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5253/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5254 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5255 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5255/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5256 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5256/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5257 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5257/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5258 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5258/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5259 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5260 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5260/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5261 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5262 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5262/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5263 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5264 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5265 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5266 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5267 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5268 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5268/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5270 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5271 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5272 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5273 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5273/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5274 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5274/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5275 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5275/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5276 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5276/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5277 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5278 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5278/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5279 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5279/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5280 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5281 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5282 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5283 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5284 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5287 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5287/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5288 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5289 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5290 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5291 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5292 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5292/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5293 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5293/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5294 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5295 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5295/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5296 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5297 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5297/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5298 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5298/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5299 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5299/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-6354 page",
"url": "https://www.suse.com/security/cve/CVE-2016-6354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9061 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9062 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9063 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9064 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9065 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9066 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9067 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9068 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9069 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9070 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9071 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9072 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9073 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9074 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9075 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9076 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9077 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9078 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9079 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9080 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9893 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9894 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9895 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9896 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9897 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9898 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9899 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9900 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9901 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9902 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9902/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9903 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9904 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9904/"
}
],
"title": "MozillaFirefox-50.1.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10071-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-50.1.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-50.1.0-1.1.aarch64",
"product_id": "MozillaFirefox-50.1.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"product_id": "MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"product_id": "MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-50.1.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-devel-50.1.0-1.1.aarch64",
"product_id": "MozillaFirefox-devel-50.1.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"product_id": "MozillaFirefox-translations-common-50.1.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"product_id": "MozillaFirefox-translations-other-50.1.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-50.1.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-50.1.0-1.1.ppc64le",
"product_id": "MozillaFirefox-50.1.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"product_id": "MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"product_id": "MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"product_id": "MozillaFirefox-devel-50.1.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-common-50.1.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-other-50.1.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-50.1.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-50.1.0-1.1.s390x",
"product_id": "MozillaFirefox-50.1.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"product_id": "MozillaFirefox-branding-upstream-50.1.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"product_id": "MozillaFirefox-buildsymbols-50.1.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-50.1.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-devel-50.1.0-1.1.s390x",
"product_id": "MozillaFirefox-devel-50.1.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"product_id": "MozillaFirefox-translations-common-50.1.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"product_id": "MozillaFirefox-translations-other-50.1.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-50.1.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-50.1.0-1.1.x86_64",
"product_id": "MozillaFirefox-50.1.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"product_id": "MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-50.1.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-50.1.0-1.1.x86_64",
"product_id": "MozillaFirefox-devel-50.1.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"product_id": "MozillaFirefox-translations-common-50.1.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-50.1.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-50.1.0-1.1.x86_64",
"product_id": "MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-50.1.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-50.1.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-50.1.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-50.1.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-50.1.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-50.1.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-50.1.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-50.1.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-50.1.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-buildsymbols-50.1.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-50.1.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-50.1.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-50.1.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-50.1.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-devel-50.1.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-50.1.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-50.1.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-50.1.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-50.1.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-50.1.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-50.1.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-50.1.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-50.1.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-50.1.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-50.1.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-50.1.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-5913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2008-5913"
}
],
"notes": [
{
"category": "general",
"text": "The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a \"temporary footprint\" and an \"in-session phishing attack.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2008-5913",
"url": "https://www.suse.com/security/cve/CVE-2008-5913"
},
{
"category": "external",
"summary": "SUSE Bug 468762 for CVE-2008-5913",
"url": "https://bugzilla.suse.com/468762"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2008-5913",
"url": "https://bugzilla.suse.com/603356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2008-5913"
},
{
"cve": "CVE-2009-0040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0040"
}
],
"notes": [
{
"category": "general",
"text": "The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0040",
"url": "https://www.suse.com/security/cve/CVE-2009-0040"
},
{
"category": "external",
"summary": "SUSE Bug 472745 for CVE-2009-0040",
"url": "https://bugzilla.suse.com/472745"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0040",
"url": "https://bugzilla.suse.com/478625"
},
{
"category": "external",
"summary": "SUSE Bug 608040 for CVE-2009-0040",
"url": "https://bugzilla.suse.com/608040"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-0040"
},
{
"cve": "CVE-2009-0652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0652"
}
],
"notes": [
{
"category": "general",
"text": "The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs and conduct phishing attacks, as demonstrated by homoglyphs of the / (slash) and ? (question mark) characters in a subdomain of a .cn domain name, a different vulnerability than CVE-2005-0233. NOTE: some third parties claim that 3.0.6 is not affected, but much older versions perhaps are affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0652",
"url": "https://www.suse.com/security/cve/CVE-2009-0652"
},
{
"category": "external",
"summary": "SUSE Bug 495473 for CVE-2009-0652",
"url": "https://bugzilla.suse.com/495473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2009-0652"
},
{
"cve": "CVE-2009-0771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0771"
}
],
"notes": [
{
"category": "general",
"text": "The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0771",
"url": "https://www.suse.com/security/cve/CVE-2009-0771"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0771",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-0771"
},
{
"cve": "CVE-2009-0772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0772"
}
],
"notes": [
{
"category": "general",
"text": "The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0772",
"url": "https://www.suse.com/security/cve/CVE-2009-0772"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0772",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-0772"
},
{
"cve": "CVE-2009-0773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0773"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains \"some non-set elements,\" which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0773",
"url": "https://www.suse.com/security/cve/CVE-2009-0773"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0773",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-0773"
},
{
"cve": "CVE-2009-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0774"
}
],
"notes": [
{
"category": "general",
"text": "The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0774",
"url": "https://www.suse.com/security/cve/CVE-2009-0774"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0774",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-0774"
},
{
"cve": "CVE-2009-0775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0775"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via \"cloned XUL DOM elements which were linked as a parent and child,\" which are not properly handled during garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0775",
"url": "https://www.suse.com/security/cve/CVE-2009-0775"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0775",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-0775"
},
{
"cve": "CVE-2009-0776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0776"
}
],
"notes": [
{
"category": "general",
"text": "nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0776",
"url": "https://www.suse.com/security/cve/CVE-2009-0776"
},
{
"category": "external",
"summary": "SUSE Bug 465291 for CVE-2009-0776",
"url": "https://bugzilla.suse.com/465291"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0776",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2009-0776"
},
{
"cve": "CVE-2009-0777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0777"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0777",
"url": "https://www.suse.com/security/cve/CVE-2009-0777"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0777",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-0777"
},
{
"cve": "CVE-2009-1044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1044"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the _moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1044",
"url": "https://www.suse.com/security/cve/CVE-2009-1044"
},
{
"category": "external",
"summary": "SUSE Bug 465291 for CVE-2009-1044",
"url": "https://bugzilla.suse.com/465291"
},
{
"category": "external",
"summary": "SUSE Bug 488955 for CVE-2009-1044",
"url": "https://bugzilla.suse.com/488955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-1044"
},
{
"cve": "CVE-2009-1169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1169"
}
],
"notes": [
{
"category": "general",
"text": "The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1169",
"url": "https://www.suse.com/security/cve/CVE-2009-1169"
},
{
"category": "external",
"summary": "SUSE Bug 488955 for CVE-2009-1169",
"url": "https://bugzilla.suse.com/488955"
},
{
"category": "external",
"summary": "SUSE Bug 509766 for CVE-2009-1169",
"url": "https://bugzilla.suse.com/509766"
},
{
"category": "external",
"summary": "SUSE Bug 510964 for CVE-2009-1169",
"url": "https://bugzilla.suse.com/510964"
},
{
"category": "external",
"summary": "SUSE Bug 515951 for CVE-2009-1169",
"url": "https://bugzilla.suse.com/515951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-1169"
},
{
"cve": "CVE-2009-1302",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1302"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1302",
"url": "https://www.suse.com/security/cve/CVE-2009-1302"
},
{
"category": "external",
"summary": "SUSE Bug 495473 for CVE-2009-1302",
"url": "https://bugzilla.suse.com/495473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1302"
},
{
"cve": "CVE-2009-1303",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1303"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1303",
"url": "https://www.suse.com/security/cve/CVE-2009-1303"
},
{
"category": "external",
"summary": "SUSE Bug 495473 for CVE-2009-1303",
"url": "https://bugzilla.suse.com/495473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1303"
},
{
"cve": "CVE-2009-1304",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1304"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1304",
"url": "https://www.suse.com/security/cve/CVE-2009-1304"
},
{
"category": "external",
"summary": "SUSE Bug 495473 for CVE-2009-1304",
"url": "https://bugzilla.suse.com/495473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1304"
},
{
"cve": "CVE-2009-1305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1305"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1305",
"url": "https://www.suse.com/security/cve/CVE-2009-1305"
},
{
"category": "external",
"summary": "SUSE Bug 495473 for CVE-2009-1305",
"url": "https://bugzilla.suse.com/495473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1305"
},
{
"cve": "CVE-2009-1306",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1306"
}
],
"notes": [
{
"category": "general",
"text": "The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a \"Content-Disposition: attachment\" designation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1306",
"url": "https://www.suse.com/security/cve/CVE-2009-1306"
},
{
"category": "external",
"summary": "SUSE Bug 495473 for CVE-2009-1306",
"url": "https://bugzilla.suse.com/495473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1306"
},
{
"cve": "CVE-2009-1307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1307"
}
],
"notes": [
{
"category": "general",
"text": "The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1307",
"url": "https://www.suse.com/security/cve/CVE-2009-1307"
},
{
"category": "external",
"summary": "SUSE Bug 495473 for CVE-2009-1307",
"url": "https://bugzilla.suse.com/495473"
},
{
"category": "external",
"summary": "SUSE Bug 515951 for CVE-2009-1307",
"url": "https://bugzilla.suse.com/515951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1307"
},
{
"cve": "CVE-2009-1308",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1308"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1308",
"url": "https://www.suse.com/security/cve/CVE-2009-1308"
},
{
"category": "external",
"summary": "SUSE Bug 495473 for CVE-2009-1308",
"url": "https://bugzilla.suse.com/495473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1308"
},
{
"cve": "CVE-2009-1309",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1309"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document\u0027s principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1309",
"url": "https://www.suse.com/security/cve/CVE-2009-1309"
},
{
"category": "external",
"summary": "SUSE Bug 495473 for CVE-2009-1309",
"url": "https://bugzilla.suse.com/495473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1309"
},
{
"cve": "CVE-2009-1310",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1310"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1310",
"url": "https://www.suse.com/security/cve/CVE-2009-1310"
},
{
"category": "external",
"summary": "SUSE Bug 495473 for CVE-2009-1310",
"url": "https://bugzilla.suse.com/495473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1310"
},
{
"cve": "CVE-2009-1311",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1311"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame\u0027s URL during a SAVEMODE_FILEONLY save of the inner frame.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1311",
"url": "https://www.suse.com/security/cve/CVE-2009-1311"
},
{
"category": "external",
"summary": "SUSE Bug 465291 for CVE-2009-1311",
"url": "https://bugzilla.suse.com/465291"
},
{
"category": "external",
"summary": "SUSE Bug 495473 for CVE-2009-1311",
"url": "https://bugzilla.suse.com/495473"
},
{
"category": "external",
"summary": "SUSE Bug 515951 for CVE-2009-1311",
"url": "https://bugzilla.suse.com/515951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1311"
},
{
"cve": "CVE-2009-1312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1312"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later reported that Firefox 3.6 a1 pre and Mozilla 1.7.x and earlier are also affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1312",
"url": "https://www.suse.com/security/cve/CVE-2009-1312"
},
{
"category": "external",
"summary": "SUSE Bug 495473 for CVE-2009-1312",
"url": "https://bugzilla.suse.com/495473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1312"
},
{
"cve": "CVE-2009-1313",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1313"
}
],
"notes": [
{
"category": "general",
"text": "The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1313",
"url": "https://www.suse.com/security/cve/CVE-2009-1313"
},
{
"category": "external",
"summary": "SUSE Bug 500909 for CVE-2009-1313",
"url": "https://bugzilla.suse.com/500909"
},
{
"category": "external",
"summary": "SUSE Bug 502062 for CVE-2009-1313",
"url": "https://bugzilla.suse.com/502062"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-1313"
},
{
"cve": "CVE-2009-1563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1563"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CVE-2009-0689. Certain codebase relationships were not originally clear. Notes: All CVE users should reference CVE-2009-0689 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1563",
"url": "https://www.suse.com/security/cve/CVE-2009-1563"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-1563",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-1563",
"url": "https://bugzilla.suse.com/545277"
},
{
"category": "external",
"summary": "SUSE Bug 546371 for CVE-2009-1563",
"url": "https://bugzilla.suse.com/546371"
},
{
"category": "external",
"summary": "SUSE Bug 557126 for CVE-2009-1563",
"url": "https://bugzilla.suse.com/557126"
},
{
"category": "external",
"summary": "SUSE Bug 557127 for CVE-2009-1563",
"url": "https://bugzilla.suse.com/557127"
},
{
"category": "external",
"summary": "SUSE Bug 557128 for CVE-2009-1563",
"url": "https://bugzilla.suse.com/557128"
},
{
"category": "external",
"summary": "SUSE Bug 557671 for CVE-2009-1563",
"url": "https://bugzilla.suse.com/557671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1563"
},
{
"cve": "CVE-2009-2470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-2470"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-2470",
"url": "https://www.suse.com/security/cve/CVE-2009-2470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-2470"
},
{
"cve": "CVE-2009-2654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-2654"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-2654",
"url": "https://www.suse.com/security/cve/CVE-2009-2654"
},
{
"category": "external",
"summary": "SUSE Bug 527489 for CVE-2009-2654",
"url": "https://bugzilla.suse.com/527489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-2654"
},
{
"cve": "CVE-2009-3069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3069"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3069",
"url": "https://www.suse.com/security/cve/CVE-2009-3069"
},
{
"category": "external",
"summary": "SUSE Bug 534458 for CVE-2009-3069",
"url": "https://bugzilla.suse.com/534458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3069"
},
{
"cve": "CVE-2009-3070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3070"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3070",
"url": "https://www.suse.com/security/cve/CVE-2009-3070"
},
{
"category": "external",
"summary": "SUSE Bug 534458 for CVE-2009-3070",
"url": "https://bugzilla.suse.com/534458"
},
{
"category": "external",
"summary": "SUSE Bug 538290 for CVE-2009-3070",
"url": "https://bugzilla.suse.com/538290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3070"
},
{
"cve": "CVE-2009-3071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3071"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3071",
"url": "https://www.suse.com/security/cve/CVE-2009-3071"
},
{
"category": "external",
"summary": "SUSE Bug 534458 for CVE-2009-3071",
"url": "https://bugzilla.suse.com/534458"
},
{
"category": "external",
"summary": "SUSE Bug 538290 for CVE-2009-3071",
"url": "https://bugzilla.suse.com/538290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3071"
},
{
"cve": "CVE-2009-3072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3072"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3072",
"url": "https://www.suse.com/security/cve/CVE-2009-3072"
},
{
"category": "external",
"summary": "SUSE Bug 534458 for CVE-2009-3072",
"url": "https://bugzilla.suse.com/534458"
},
{
"category": "external",
"summary": "SUSE Bug 538290 for CVE-2009-3072",
"url": "https://bugzilla.suse.com/538290"
},
{
"category": "external",
"summary": "SUSE Bug 590499 for CVE-2009-3072",
"url": "https://bugzilla.suse.com/590499"
},
{
"category": "external",
"summary": "SUSE Bug 607935 for CVE-2009-3072",
"url": "https://bugzilla.suse.com/607935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3072"
},
{
"cve": "CVE-2009-3073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3073"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3073",
"url": "https://www.suse.com/security/cve/CVE-2009-3073"
},
{
"category": "external",
"summary": "SUSE Bug 534458 for CVE-2009-3073",
"url": "https://bugzilla.suse.com/534458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3073"
},
{
"cve": "CVE-2009-3074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3074"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3074",
"url": "https://www.suse.com/security/cve/CVE-2009-3074"
},
{
"category": "external",
"summary": "SUSE Bug 538290 for CVE-2009-3074",
"url": "https://bugzilla.suse.com/538290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3074"
},
{
"cve": "CVE-2009-3075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3075"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3075",
"url": "https://www.suse.com/security/cve/CVE-2009-3075"
},
{
"category": "external",
"summary": "SUSE Bug 534458 for CVE-2009-3075",
"url": "https://bugzilla.suse.com/534458"
},
{
"category": "external",
"summary": "SUSE Bug 538290 for CVE-2009-3075",
"url": "https://bugzilla.suse.com/538290"
},
{
"category": "external",
"summary": "SUSE Bug 590499 for CVE-2009-3075",
"url": "https://bugzilla.suse.com/590499"
},
{
"category": "external",
"summary": "SUSE Bug 607935 for CVE-2009-3075",
"url": "https://bugzilla.suse.com/607935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3075"
},
{
"cve": "CVE-2009-3077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3077"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a \"dangling pointer vulnerability.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3077",
"url": "https://www.suse.com/security/cve/CVE-2009-3077"
},
{
"category": "external",
"summary": "SUSE Bug 534458 for CVE-2009-3077",
"url": "https://bugzilla.suse.com/534458"
},
{
"category": "external",
"summary": "SUSE Bug 538290 for CVE-2009-3077",
"url": "https://bugzilla.suse.com/538290"
},
{
"category": "external",
"summary": "SUSE Bug 590499 for CVE-2009-3077",
"url": "https://bugzilla.suse.com/590499"
},
{
"category": "external",
"summary": "SUSE Bug 607935 for CVE-2009-3077",
"url": "https://bugzilla.suse.com/607935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3077"
},
{
"cve": "CVE-2009-3078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3078"
}
],
"notes": [
{
"category": "general",
"text": "Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3078",
"url": "https://www.suse.com/security/cve/CVE-2009-3078"
},
{
"category": "external",
"summary": "SUSE Bug 534458 for CVE-2009-3078",
"url": "https://bugzilla.suse.com/534458"
},
{
"category": "external",
"summary": "SUSE Bug 538290 for CVE-2009-3078",
"url": "https://bugzilla.suse.com/538290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3078"
},
{
"cve": "CVE-2009-3079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3079"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3079",
"url": "https://www.suse.com/security/cve/CVE-2009-3079"
},
{
"category": "external",
"summary": "SUSE Bug 534458 for CVE-2009-3079",
"url": "https://bugzilla.suse.com/534458"
},
{
"category": "external",
"summary": "SUSE Bug 538290 for CVE-2009-3079",
"url": "https://bugzilla.suse.com/538290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3079"
},
{
"cve": "CVE-2009-3274",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3274"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp location before the download occurs, related to the Download Manager component. NOTE: some of these details are obtained from third party information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3274",
"url": "https://www.suse.com/security/cve/CVE-2009-3274"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3274",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 534458 for CVE-2009-3274",
"url": "https://bugzilla.suse.com/534458"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3274",
"url": "https://bugzilla.suse.com/545277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2009-3274"
},
{
"cve": "CVE-2009-3370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3370"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3370",
"url": "https://www.suse.com/security/cve/CVE-2009-3370"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3370",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3370",
"url": "https://bugzilla.suse.com/545277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3370"
},
{
"cve": "CVE-2009-3371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3371"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by creating JavaScript web-workers recursively.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3371",
"url": "https://www.suse.com/security/cve/CVE-2009-3371"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3371",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3371",
"url": "https://bugzilla.suse.com/545277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3371"
},
{
"cve": "CVE-2009-3372",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3372"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3372",
"url": "https://www.suse.com/security/cve/CVE-2009-3372"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3372",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3372",
"url": "https://bugzilla.suse.com/545277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3372"
},
{
"cve": "CVE-2009-3373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3373"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3373",
"url": "https://www.suse.com/security/cve/CVE-2009-3373"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3373",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3373",
"url": "https://bugzilla.suse.com/545277"
},
{
"category": "external",
"summary": "SUSE Bug 557686 for CVE-2009-3373",
"url": "https://bugzilla.suse.com/557686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3373"
},
{
"cve": "CVE-2009-3374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3374"
}
],
"notes": [
{
"category": "general",
"text": "The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to \"doubly-wrapped objects.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3374",
"url": "https://www.suse.com/security/cve/CVE-2009-3374"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3374",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3374",
"url": "https://bugzilla.suse.com/545277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2009-3374"
},
{
"cve": "CVE-2009-3375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3375"
}
],
"notes": [
{
"category": "general",
"text": "content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3375",
"url": "https://www.suse.com/security/cve/CVE-2009-3375"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3375",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3375",
"url": "https://bugzilla.suse.com/545277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3375"
},
{
"cve": "CVE-2009-3376",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3376"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3376",
"url": "https://www.suse.com/security/cve/CVE-2009-3376"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3376",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3376",
"url": "https://bugzilla.suse.com/545277"
},
{
"category": "external",
"summary": "SUSE Bug 590499 for CVE-2009-3376",
"url": "https://bugzilla.suse.com/590499"
},
{
"category": "external",
"summary": "SUSE Bug 607935 for CVE-2009-3376",
"url": "https://bugzilla.suse.com/607935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3376"
},
{
"cve": "CVE-2009-3377",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3377"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3377",
"url": "https://www.suse.com/security/cve/CVE-2009-3377"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3377",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3377",
"url": "https://bugzilla.suse.com/545277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3377"
},
{
"cve": "CVE-2009-3378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3378"
}
],
"notes": [
{
"category": "general",
"text": "The oggplay_data_handle_theora_frame function in media/liboggplay/src/liboggplay/oggplay_data.c in liboggplay, as used in Mozilla Firefox 3.5.x before 3.5.4, attempts to reuse an earlier frame data structure upon encountering a decoding error for the first frame, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a crafted .ogg video file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3378",
"url": "https://www.suse.com/security/cve/CVE-2009-3378"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3378",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3378",
"url": "https://bugzilla.suse.com/545277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3378"
},
{
"cve": "CVE-2009-3379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3379"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3379",
"url": "https://www.suse.com/security/cve/CVE-2009-3379"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3379",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3379",
"url": "https://bugzilla.suse.com/545277"
},
{
"category": "external",
"summary": "SUSE Bug 608192 for CVE-2009-3379",
"url": "https://bugzilla.suse.com/608192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3379"
},
{
"cve": "CVE-2009-3380",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3380"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3380",
"url": "https://www.suse.com/security/cve/CVE-2009-3380"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3380",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3380",
"url": "https://bugzilla.suse.com/545277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2009-3380"
},
{
"cve": "CVE-2009-3381",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3381"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3381",
"url": "https://www.suse.com/security/cve/CVE-2009-3381"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3381",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3381",
"url": "https://bugzilla.suse.com/545277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3381"
},
{
"cve": "CVE-2009-3383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3383"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3383",
"url": "https://www.suse.com/security/cve/CVE-2009-3383"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3383",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3383",
"url": "https://bugzilla.suse.com/545277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3383"
},
{
"cve": "CVE-2009-3388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3388"
}
],
"notes": [
{
"category": "general",
"text": "liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 might allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to \"memory safety issues.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3388",
"url": "https://www.suse.com/security/cve/CVE-2009-3388"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3388",
"url": "https://bugzilla.suse.com/559807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3388"
},
{
"cve": "CVE-2009-3389",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3389"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3389",
"url": "https://www.suse.com/security/cve/CVE-2009-3389"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3389",
"url": "https://bugzilla.suse.com/559807"
},
{
"category": "external",
"summary": "SUSE Bug 581722 for CVE-2009-3389",
"url": "https://bugzilla.suse.com/581722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3389"
},
{
"cve": "CVE-2009-3555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3555"
}
],
"notes": [
{
"category": "general",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3555",
"url": "https://www.suse.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "SUSE Bug 1077582 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/1077582"
},
{
"category": "external",
"summary": "SUSE Bug 459468 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/459468"
},
{
"category": "external",
"summary": "SUSE Bug 552497 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/552497"
},
{
"category": "external",
"summary": "SUSE Bug 553641 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/553641"
},
{
"category": "external",
"summary": "SUSE Bug 554069 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/554069"
},
{
"category": "external",
"summary": "SUSE Bug 554084 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/554084"
},
{
"category": "external",
"summary": "SUSE Bug 554085 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/554085"
},
{
"category": "external",
"summary": "SUSE Bug 555177 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/555177"
},
{
"category": "external",
"summary": "SUSE Bug 557168 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/557168"
},
{
"category": "external",
"summary": "SUSE Bug 564507 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/564507"
},
{
"category": "external",
"summary": "SUSE Bug 566041 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/566041"
},
{
"category": "external",
"summary": "SUSE Bug 584292 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/584292"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/586567"
},
{
"category": "external",
"summary": "SUSE Bug 588996 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/588996"
},
{
"category": "external",
"summary": "SUSE Bug 590826 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/590826"
},
{
"category": "external",
"summary": "SUSE Bug 592589 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/592589"
},
{
"category": "external",
"summary": "SUSE Bug 594415 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/594415"
},
{
"category": "external",
"summary": "SUSE Bug 604782 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/604782"
},
{
"category": "external",
"summary": "SUSE Bug 614753 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/614753"
},
{
"category": "external",
"summary": "SUSE Bug 622073 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/622073"
},
{
"category": "external",
"summary": "SUSE Bug 623905 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/623905"
},
{
"category": "external",
"summary": "SUSE Bug 629905 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/629905"
},
{
"category": "external",
"summary": "SUSE Bug 642531 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/642531"
},
{
"category": "external",
"summary": "SUSE Bug 646073 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/646073"
},
{
"category": "external",
"summary": "SUSE Bug 646906 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/646906"
},
{
"category": "external",
"summary": "SUSE Bug 648140 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/648140"
},
{
"category": "external",
"summary": "SUSE Bug 648950 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/648950"
},
{
"category": "external",
"summary": "SUSE Bug 659926 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/659926"
},
{
"category": "external",
"summary": "SUSE Bug 670152 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/670152"
},
{
"category": "external",
"summary": "SUSE Bug 704832 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/704832"
},
{
"category": "external",
"summary": "SUSE Bug 728876 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/728876"
},
{
"category": "external",
"summary": "SUSE Bug 729181 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/729181"
},
{
"category": "external",
"summary": "SUSE Bug 753357 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/753357"
},
{
"category": "external",
"summary": "SUSE Bug 791794 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/791794"
},
{
"category": "external",
"summary": "SUSE Bug 799454 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/799454"
},
{
"category": "external",
"summary": "SUSE Bug 815621 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/815621"
},
{
"category": "external",
"summary": "SUSE Bug 905347 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/905347"
},
{
"category": "external",
"summary": "SUSE Bug 979060 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/979060"
},
{
"category": "external",
"summary": "SUSE Bug 986238 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/986238"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3555"
},
{
"cve": "CVE-2009-3979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3979"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3979",
"url": "https://www.suse.com/security/cve/CVE-2009-3979"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3979",
"url": "https://bugzilla.suse.com/559807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3979"
},
{
"cve": "CVE-2009-3980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3980"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3980",
"url": "https://www.suse.com/security/cve/CVE-2009-3980"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3980",
"url": "https://bugzilla.suse.com/559807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3980"
},
{
"cve": "CVE-2009-3982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3982"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3982",
"url": "https://www.suse.com/security/cve/CVE-2009-3982"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3982",
"url": "https://bugzilla.suse.com/559807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3982"
},
{
"cve": "CVE-2009-3983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3983"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3983",
"url": "https://www.suse.com/security/cve/CVE-2009-3983"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3983",
"url": "https://bugzilla.suse.com/559807"
},
{
"category": "external",
"summary": "SUSE Bug 590499 for CVE-2009-3983",
"url": "https://bugzilla.suse.com/590499"
},
{
"category": "external",
"summary": "SUSE Bug 607935 for CVE-2009-3983",
"url": "https://bugzilla.suse.com/607935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3983"
},
{
"cve": "CVE-2009-3984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3984"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3984",
"url": "https://www.suse.com/security/cve/CVE-2009-3984"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3984",
"url": "https://bugzilla.suse.com/559807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3984"
},
{
"cve": "CVE-2009-3985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3985"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3985",
"url": "https://www.suse.com/security/cve/CVE-2009-3985"
},
{
"category": "external",
"summary": "SUSE Bug 559807 for CVE-2009-3985",
"url": "https://bugzilla.suse.com/559807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3985"
},
{
"cve": "CVE-2010-0164",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0164"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace animation in which the frames have different bits-per-pixel (bpp) values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0164",
"url": "https://www.suse.com/security/cve/CVE-2010-0164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0164"
},
{
"cve": "CVE-2010-0165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0165"
}
],
"notes": [
{
"category": "general",
"text": "The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors involving certain indirect calls to the JavaScript eval function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0165",
"url": "https://www.suse.com/security/cve/CVE-2010-0165"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0165"
},
{
"cve": "CVE-2010-0166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0166"
}
],
"notes": [
{
"category": "general",
"text": "The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via an HTML document containing invisible Unicode characters, as demonstrated by the U+FEFF, U+FFF9, U+FFFA, and U+FFFB characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0166",
"url": "https://www.suse.com/security/cve/CVE-2010-0166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0166"
},
{
"cve": "CVE-2010-0167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0167"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors related to (1) layout/generic/nsBlockFrame.cpp and (2) the _evaluate function in modules/plugin/base/src/nsNPAPIPlugin.cpp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0167",
"url": "https://www.suse.com/security/cve/CVE-2010-0167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0167"
},
{
"cve": "CVE-2010-0168",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0168"
}
],
"notes": [
{
"category": "general",
"text": "The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image\u0027s URL, which might allow remote attackers to cause a denial of service (application crash or hang) or hijack the functionality of the browser\u0027s add-ons via a crafted SRC attribute of an IMG element, as demonstrated by remote command execution through an ssh: URL in a configuration that supports gnome-vfs with a nonstandard network.gnomevfs.supported-protocols setting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0168",
"url": "https://www.suse.com/security/cve/CVE-2010-0168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2010-0168"
},
{
"cve": "CVE-2010-0169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0169"
}
],
"notes": [
{
"category": "general",
"text": "The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to the XUL cache, which might allow remote attackers to modify the browser\u0027s font and other CSS attributes, and potentially disrupt rendering of a web page, by forcing the browser to perform this erroneous stylesheet caching.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0169",
"url": "https://www.suse.com/security/cve/CVE-2010-0169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0169"
},
{
"cve": "CVE-2010-0170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0170"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0170",
"url": "https://www.suse.com/security/cve/CVE-2010-0170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0170"
},
{
"cve": "CVE-2010-0171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0171"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) attacks, by using the addEventListener and setTimeout functions in conjunction with a wrapped object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-3736.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0171",
"url": "https://www.suse.com/security/cve/CVE-2010-0171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0171"
},
{
"cve": "CVE-2010-0172",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0172"
}
],
"notes": [
{
"category": "general",
"text": "toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorization dialog and capture credentials by demanding HTTP authentication in opportunistic circumstances.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0172",
"url": "https://www.suse.com/security/cve/CVE-2010-0172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0172"
},
{
"cve": "CVE-2010-0173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0173"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0173",
"url": "https://www.suse.com/security/cve/CVE-2010-0173"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0173",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0173"
},
{
"cve": "CVE-2010-0174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0174"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0174",
"url": "https://www.suse.com/security/cve/CVE-2010-0174"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0174",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0174"
},
{
"cve": "CVE-2010-0176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0176"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a \"dangling pointer vulnerability.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0176",
"url": "https://www.suse.com/security/cve/CVE-2010-0176"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0176",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0176"
},
{
"cve": "CVE-2010-0177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0177"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a \"dangling pointer vulnerability.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0177",
"url": "https://www.suse.com/security/cve/CVE-2010-0177"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0177",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0177"
},
{
"cve": "CVE-2010-0178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0178"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0178",
"url": "https://www.suse.com/security/cve/CVE-2010-0178"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0178",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2010-0178"
},
{
"cve": "CVE-2010-0181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0181"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0181",
"url": "https://www.suse.com/security/cve/CVE-2010-0181"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0181",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0181"
},
{
"cve": "CVE-2010-0182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0182"
}
],
"notes": [
{
"category": "general",
"text": "The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0182",
"url": "https://www.suse.com/security/cve/CVE-2010-0182"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0182",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0182"
},
{
"cve": "CVE-2010-0654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0654"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0654",
"url": "https://www.suse.com/security/cve/CVE-2010-0654"
},
{
"category": "external",
"summary": "SUSE Bug 583603 for CVE-2010-0654",
"url": "https://bugzilla.suse.com/583603"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-0654",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0654"
},
{
"cve": "CVE-2010-1028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1028"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1028",
"url": "https://www.suse.com/security/cve/CVE-2010-1028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1028"
},
{
"cve": "CVE-2010-1121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1121"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1121",
"url": "https://www.suse.com/security/cve/CVE-2010-1121"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1121",
"url": "https://bugzilla.suse.com/603356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1121"
},
{
"cve": "CVE-2010-1125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1125"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1125",
"url": "https://www.suse.com/security/cve/CVE-2010-1125"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1125",
"url": "https://bugzilla.suse.com/603356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1125"
},
{
"cve": "CVE-2010-1196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1196"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1196",
"url": "https://www.suse.com/security/cve/CVE-2010-1196"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1196",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1196",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1196"
},
{
"cve": "CVE-2010-1197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1197"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both \"Content-Disposition: attachment\" and \"Content-Type: multipart\" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1197",
"url": "https://www.suse.com/security/cve/CVE-2010-1197"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1197",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1197",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1197"
},
{
"cve": "CVE-2010-1198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1198"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1198",
"url": "https://www.suse.com/security/cve/CVE-2010-1198"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1198",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1198",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1198"
},
{
"cve": "CVE-2010-1199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1199"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1199",
"url": "https://www.suse.com/security/cve/CVE-2010-1199"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1199",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1199",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1199"
},
{
"cve": "CVE-2010-1200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1200"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1200",
"url": "https://www.suse.com/security/cve/CVE-2010-1200"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1200",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1200",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1200"
},
{
"cve": "CVE-2010-1201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1201"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1201",
"url": "https://www.suse.com/security/cve/CVE-2010-1201"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1201",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1201",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1201"
},
{
"cve": "CVE-2010-1202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1202"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1202",
"url": "https://www.suse.com/security/cve/CVE-2010-1202"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1202",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1202",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1202"
},
{
"cve": "CVE-2010-1203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1203"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1203",
"url": "https://www.suse.com/security/cve/CVE-2010-1203"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1203",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1203",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1203"
},
{
"cve": "CVE-2010-1205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1205"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1205",
"url": "https://www.suse.com/security/cve/CVE-2010-1205"
},
{
"category": "external",
"summary": "SUSE Bug 1188284 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/1188284"
},
{
"category": "external",
"summary": "SUSE Bug 617866 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/617866"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/622506"
},
{
"category": "external",
"summary": "SUSE Bug 639941 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/639941"
},
{
"category": "external",
"summary": "SUSE Bug 854395 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/854395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1205"
},
{
"cve": "CVE-2010-1206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1206"
}
],
"notes": [
{
"category": "general",
"text": "The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a document that is currently loading, which allows (1) remote web servers to conduct spoofing attacks via vectors involving a 204 (aka No Content) status code, and allows (2) remote attackers to conduct spoofing attacks via vectors involving a window.stop call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1206",
"url": "https://www.suse.com/security/cve/CVE-2010-1206"
},
{
"category": "external",
"summary": "SUSE Bug 618183 for CVE-2010-1206",
"url": "https://bugzilla.suse.com/618183"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1206",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1206"
},
{
"cve": "CVE-2010-1207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1207"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote attackers to obtain sensitive cross-origin information via vectors involving reference retention and node deletion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1207",
"url": "https://www.suse.com/security/cve/CVE-2010-1207"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1207",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1207"
},
{
"cve": "CVE-2010-1208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1208"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node with a nonzero reference count.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1208",
"url": "https://www.suse.com/security/cve/CVE-2010-1208"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1208",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1208"
},
{
"cve": "CVE-2010-1209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1209"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to the NodeIterator interface and a javascript callback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1209",
"url": "https://www.suse.com/security/cve/CVE-2010-1209"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1209",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1209"
},
{
"cve": "CVE-2010-1210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1210"
}
],
"notes": [
{
"category": "general",
"text": "intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted 8-bit text.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1210",
"url": "https://www.suse.com/security/cve/CVE-2010-1210"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1210",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1210"
},
{
"cve": "CVE-2010-1211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1211"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1211",
"url": "https://www.suse.com/security/cve/CVE-2010-1211"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1211",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1211"
},
{
"cve": "CVE-2010-1212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1212"
}
],
"notes": [
{
"category": "general",
"text": "js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) propagation of deep aborts in the TraceRecorder::record_JSOP_BINDNAME function, (2) depth handling in the TraceRecorder::record_JSOP_GETELEM function, and (3) tracing of out-of-range arguments in the TraceRecorder::record_JSOP_ARGSUB function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1212",
"url": "https://www.suse.com/security/cve/CVE-2010-1212"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1212",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1212"
},
{
"cve": "CVE-2010-1213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1213"
}
],
"notes": [
{
"category": "general",
"text": "The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1213",
"url": "https://www.suse.com/security/cve/CVE-2010-1213"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1213",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1213"
},
{
"cve": "CVE-2010-1214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1214"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1214",
"url": "https://www.suse.com/security/cve/CVE-2010-1214"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1214",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1214"
},
{
"cve": "CVE-2010-1215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1215"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper (aka SJOW) wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging \"access to an object from the chrome scope.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1215",
"url": "https://www.suse.com/security/cve/CVE-2010-1215"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1215",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1215"
},
{
"cve": "CVE-2010-2751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2751"
}
],
"notes": [
{
"category": "general",
"text": "The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to spoof the SSL security status of a document via vectors involving multiple requests, a redirect, and the history.back and history.forward JavaScript functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2751",
"url": "https://www.suse.com/security/cve/CVE-2010-2751"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-2751",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2010-2751"
},
{
"cve": "CVE-2010-2752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2752"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2752",
"url": "https://www.suse.com/security/cve/CVE-2010-2752"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-2752",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2752"
},
{
"cve": "CVE-2010-2753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2753"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2753",
"url": "https://www.suse.com/security/cve/CVE-2010-2753"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-2753",
"url": "https://bugzilla.suse.com/622506"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2753",
"url": "https://bugzilla.suse.com/637303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2753"
},
{
"cve": "CVE-2010-2754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2754"
}
],
"notes": [
{
"category": "general",
"text": "dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script\u0027s URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2754",
"url": "https://www.suse.com/security/cve/CVE-2010-2754"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-2754",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-2754"
},
{
"cve": "CVE-2010-2755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2755"
}
],
"notes": [
{
"category": "general",
"text": "layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2755",
"url": "https://www.suse.com/security/cve/CVE-2010-2755"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-2755",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2755"
},
{
"cve": "CVE-2010-2760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2760"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a \"dangling pointer vulnerability.\" NOTE: this issue exists because of an incomplete fix for CVE-2010-2753.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2760",
"url": "https://www.suse.com/security/cve/CVE-2010-2760"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2760",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2760",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2760"
},
{
"cve": "CVE-2010-2762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2762"
}
],
"notes": [
{
"category": "general",
"text": "The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2762",
"url": "https://www.suse.com/security/cve/CVE-2010-2762"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2762",
"url": "https://bugzilla.suse.com/637303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-2762"
},
{
"cve": "CVE-2010-2764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2764"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2764",
"url": "https://www.suse.com/security/cve/CVE-2010-2764"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2764",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2764",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2764"
},
{
"cve": "CVE-2010-2765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2765"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols (aka columns) attribute, leading to a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2765",
"url": "https://www.suse.com/security/cve/CVE-2010-2765"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2765",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2765",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2765"
},
{
"cve": "CVE-2010-2766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2766"
}
],
"notes": [
{
"category": "general",
"text": "The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code via vectors involving access to a deleted object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2766",
"url": "https://www.suse.com/security/cve/CVE-2010-2766"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2766",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2766",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2766"
},
{
"cve": "CVE-2010-2767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2767"
}
],
"notes": [
{
"category": "general",
"text": "The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a \"dangling pointer vulnerability.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2767",
"url": "https://www.suse.com/security/cve/CVE-2010-2767"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2767",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2767",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2767"
},
{
"cve": "CVE-2010-2768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2768"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document\u0027s charset, which allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms via UTF-7 encoding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2768",
"url": "https://www.suse.com/security/cve/CVE-2010-2768"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2768",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2768",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2768"
},
{
"cve": "CVE-2010-2769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2769"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2769",
"url": "https://www.suse.com/security/cve/CVE-2010-2769"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2769",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2769",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2769"
},
{
"cve": "CVE-2010-3166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3166"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3166",
"url": "https://www.suse.com/security/cve/CVE-2010-3166"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-3166",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-3166",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3166"
},
{
"cve": "CVE-2010-3167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3167"
}
],
"notes": [
{
"category": "general",
"text": "The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a \"dangling pointer vulnerability.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3167",
"url": "https://www.suse.com/security/cve/CVE-2010-3167"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-3167",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-3167",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3167"
},
{
"cve": "CVE-2010-3168",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3168"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3168",
"url": "https://www.suse.com/security/cve/CVE-2010-3168"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-3168",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-3168",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3168"
},
{
"cve": "CVE-2010-3169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3169"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3169",
"url": "https://www.suse.com/security/cve/CVE-2010-3169"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-3169",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-3169",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3169"
},
{
"cve": "CVE-2010-3170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3170"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject\u0027s Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3170",
"url": "https://www.suse.com/security/cve/CVE-2010-3170"
},
{
"category": "external",
"summary": "SUSE Bug 637290 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/637290"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/652858"
},
{
"category": "external",
"summary": "SUSE Bug 868629 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/868629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3170"
},
{
"cve": "CVE-2010-3173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3173"
}
],
"notes": [
{
"category": "general",
"text": "The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3173",
"url": "https://www.suse.com/security/cve/CVE-2010-3173"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3173",
"url": "https://bugzilla.suse.com/645315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2010-3173"
},
{
"cve": "CVE-2010-3174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3174"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3174",
"url": "https://www.suse.com/security/cve/CVE-2010-3174"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3174",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3174",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3174"
},
{
"cve": "CVE-2010-3175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3175"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3175",
"url": "https://www.suse.com/security/cve/CVE-2010-3175"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3175",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3175",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3175"
},
{
"cve": "CVE-2010-3176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3176"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3176",
"url": "https://www.suse.com/security/cve/CVE-2010-3176"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3176",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3176",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3176"
},
{
"cve": "CVE-2010-3177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3177"
}
],
"notes": [
{
"category": "general",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3177",
"url": "https://www.suse.com/security/cve/CVE-2010-3177"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3177",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3177",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3177"
},
{
"cve": "CVE-2010-3178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3178"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3178",
"url": "https://www.suse.com/security/cve/CVE-2010-3178"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3178",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3178",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3178"
},
{
"cve": "CVE-2010-3179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3179"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3179",
"url": "https://www.suse.com/security/cve/CVE-2010-3179"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3179",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3179",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3179"
},
{
"cve": "CVE-2010-3180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3180"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3180",
"url": "https://www.suse.com/security/cve/CVE-2010-3180"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3180",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3180",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3180"
},
{
"cve": "CVE-2010-3182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3182"
}
],
"notes": [
{
"category": "general",
"text": "A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3182",
"url": "https://www.suse.com/security/cve/CVE-2010-3182"
},
{
"category": "external",
"summary": "SUSE Bug 642502 for CVE-2010-3182",
"url": "https://bugzilla.suse.com/642502"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3182",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3182",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3182"
},
{
"cve": "CVE-2010-3183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3183"
}
],
"notes": [
{
"category": "general",
"text": "The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a \"dangling pointer\" and the JS_ValueToId function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3183",
"url": "https://www.suse.com/security/cve/CVE-2010-3183"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3183",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3183",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3183"
},
{
"cve": "CVE-2010-3765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3765"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3765",
"url": "https://www.suse.com/security/cve/CVE-2010-3765"
},
{
"category": "external",
"summary": "SUSE Bug 649492 for CVE-2010-3765",
"url": "https://bugzilla.suse.com/649492"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3765",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3765"
},
{
"cve": "CVE-2011-0068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0068"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0068",
"url": "https://www.suse.com/security/cve/CVE-2011-0068"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0068",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2011-0068"
},
{
"cve": "CVE-2011-0069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0069"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0069",
"url": "https://www.suse.com/security/cve/CVE-2011-0069"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0069",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0069"
},
{
"cve": "CVE-2011-0070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0070"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0070",
"url": "https://www.suse.com/security/cve/CVE-2011-0070"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0070",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0070"
},
{
"cve": "CVE-2011-0079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0079"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x before 4.0.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to gfx/layers/d3d10/ReadbackManagerD3D10.cpp and unknown other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0079",
"url": "https://www.suse.com/security/cve/CVE-2011-0079"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0079",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0079"
},
{
"cve": "CVE-2011-0080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0080"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0080",
"url": "https://www.suse.com/security/cve/CVE-2011-0080"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0080",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0080"
},
{
"cve": "CVE-2011-0081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0081"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x before 4.0.1, and Thunderbird 3.1.x before 3.1.10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0081",
"url": "https://www.suse.com/security/cve/CVE-2011-0081"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0081",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0081"
},
{
"cve": "CVE-2011-0084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0084"
}
],
"notes": [
{
"category": "general",
"text": "The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a \"dangling pointer.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0084",
"url": "https://www.suse.com/security/cve/CVE-2011-0084"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-0084",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0084"
},
{
"cve": "CVE-2011-1187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-1187"
}
],
"notes": [
{
"category": "general",
"text": "Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an \"error message leak.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-1187",
"url": "https://www.suse.com/security/cve/CVE-2011-1187"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2011-1187",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-1187"
},
{
"cve": "CVE-2011-1202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-1202"
}
],
"notes": [
{
"category": "general",
"text": "The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-1202",
"url": "https://www.suse.com/security/cve/CVE-2011-1202"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-1202",
"url": "https://bugzilla.suse.com/689281"
},
{
"category": "external",
"summary": "SUSE Bug 692619 for CVE-2011-1202",
"url": "https://bugzilla.suse.com/692619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-1202"
},
{
"cve": "CVE-2011-2366",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2366"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2366",
"url": "https://www.suse.com/security/cve/CVE-2011-2366"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2366",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2366"
},
{
"cve": "CVE-2011-2367",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2367"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service (application crash), via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2367",
"url": "https://www.suse.com/security/cve/CVE-2011-2367"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2367",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2367"
},
{
"cve": "CVE-2011-2368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2368"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2368",
"url": "https://www.suse.com/security/cve/CVE-2011-2368"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2368",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2368"
},
{
"cve": "CVE-2011-2369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2369"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 4.0.1 allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2369",
"url": "https://www.suse.com/security/cve/CVE-2011-2369"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2369",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2369"
},
{
"cve": "CVE-2011-2370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2370"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 5.0 does not properly enforce the whitelist for the xpinstall functionality, which allows remote attackers to trigger an installation dialog for a (1) add-on or (2) theme via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2370",
"url": "https://www.suse.com/security/cve/CVE-2011-2370"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2370",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2370"
},
{
"cve": "CVE-2011-2371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2371"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2371",
"url": "https://www.suse.com/security/cve/CVE-2011-2371"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2371",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2371"
},
{
"cve": "CVE-2011-2372",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2372"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2372",
"url": "https://www.suse.com/security/cve/CVE-2011-2372"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-2372",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2372"
},
{
"cve": "CVE-2011-2373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2373"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2373",
"url": "https://www.suse.com/security/cve/CVE-2011-2373"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2373",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-2373"
},
{
"cve": "CVE-2011-2374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2374"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2374",
"url": "https://www.suse.com/security/cve/CVE-2011-2374"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2374",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2374"
},
{
"cve": "CVE-2011-2375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2375"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 5.0 and Thunderbird through 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2375",
"url": "https://www.suse.com/security/cve/CVE-2011-2375"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2375",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2375"
},
{
"cve": "CVE-2011-2377",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2377"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2377",
"url": "https://www.suse.com/security/cve/CVE-2011-2377"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2377",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2377"
},
{
"cve": "CVE-2011-2985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2985"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2985",
"url": "https://www.suse.com/security/cve/CVE-2011-2985"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2985",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2985"
},
{
"cve": "CVE-2011-2986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2986"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2986",
"url": "https://www.suse.com/security/cve/CVE-2011-2986"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2986",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2986"
},
{
"cve": "CVE-2011-2988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2988"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2988",
"url": "https://www.suse.com/security/cve/CVE-2011-2988"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2988",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2988"
},
{
"cve": "CVE-2011-2989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2989"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2989",
"url": "https://www.suse.com/security/cve/CVE-2011-2989"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2989",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2989"
},
{
"cve": "CVE-2011-2990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2990"
}
],
"notes": [
{
"category": "general",
"text": "The implementation of Content Security Policy (CSP) violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which allows attackers to obtain sensitive information by reading a report, related to incorrect host resolution that occurs with certain redirects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2990",
"url": "https://www.suse.com/security/cve/CVE-2011-2990"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2990",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2990"
},
{
"cve": "CVE-2011-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2991"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2991",
"url": "https://www.suse.com/security/cve/CVE-2011-2991"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2991",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2991"
},
{
"cve": "CVE-2011-2992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2992"
}
],
"notes": [
{
"category": "general",
"text": "The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2992",
"url": "https://www.suse.com/security/cve/CVE-2011-2992"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2992",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2992"
},
{
"cve": "CVE-2011-2993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2993"
}
],
"notes": [
{
"category": "general",
"text": "The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges via a crafted web site, a different vulnerability than CVE-2008-2801.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2993",
"url": "https://www.suse.com/security/cve/CVE-2011-2993"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2993",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2993"
},
{
"cve": "CVE-2011-2995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2995"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2995",
"url": "https://www.suse.com/security/cve/CVE-2011-2995"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-2995",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2995"
},
{
"cve": "CVE-2011-2996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2996"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2996",
"url": "https://www.suse.com/security/cve/CVE-2011-2996"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-2996",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2996"
},
{
"cve": "CVE-2011-2997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2997"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2997",
"url": "https://www.suse.com/security/cve/CVE-2011-2997"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-2997",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2997"
},
{
"cve": "CVE-2011-3000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3000"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3000",
"url": "https://www.suse.com/security/cve/CVE-2011-3000"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3000",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3000"
},
{
"cve": "CVE-2011-3001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3001"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3001",
"url": "https://www.suse.com/security/cve/CVE-2011-3001"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3001",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3001"
},
{
"cve": "CVE-2011-3002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3002"
}
],
"notes": [
{
"category": "general",
"text": "Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a memory-allocation error and a resulting buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3002",
"url": "https://www.suse.com/security/cve/CVE-2011-3002"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3002",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3002"
},
{
"cve": "CVE-2011-3003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3003"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-of-bounds write operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3003",
"url": "https://www.suse.com/security/cve/CVE-2011-3003"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3003",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3003"
},
{
"cve": "CVE-2011-3004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3004"
}
],
"notes": [
{
"category": "general",
"text": "The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey before 2.4 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3004",
"url": "https://www.suse.com/security/cve/CVE-2011-3004"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3004",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3004"
},
{
"cve": "CVE-2011-3005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3005"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3005",
"url": "https://www.suse.com/security/cve/CVE-2011-3005"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3005",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3005"
},
{
"cve": "CVE-2011-3026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3026"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3026",
"url": "https://www.suse.com/security/cve/CVE-2011-3026"
},
{
"category": "external",
"summary": "SUSE Bug 747311 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/747311"
},
{
"category": "external",
"summary": "SUSE Bug 747327 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/747327"
},
{
"category": "external",
"summary": "SUSE Bug 747328 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/747328"
},
{
"category": "external",
"summary": "SUSE Bug 773612 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/773612"
},
{
"category": "external",
"summary": "SUSE Bug 854395 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/854395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-3026"
},
{
"cve": "CVE-2011-3062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3062"
}
],
"notes": [
{
"category": "general",
"text": "Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3062",
"url": "https://www.suse.com/security/cve/CVE-2011-3062"
},
{
"category": "external",
"summary": "SUSE Bug 754458 for CVE-2011-3062",
"url": "https://bugzilla.suse.com/754458"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2011-3062",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3062"
},
{
"cve": "CVE-2011-3079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3079"
}
],
"notes": [
{
"category": "general",
"text": "The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3079",
"url": "https://www.suse.com/security/cve/CVE-2011-3079"
},
{
"category": "external",
"summary": "SUSE Bug 1122983 for CVE-2011-3079",
"url": "https://bugzilla.suse.com/1122983"
},
{
"category": "external",
"summary": "SUSE Bug 760264 for CVE-2011-3079",
"url": "https://bugzilla.suse.com/760264"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2011-3079",
"url": "https://bugzilla.suse.com/930622"
},
{
"category": "external",
"summary": "SUSE Bug 986639 for CVE-2011-3079",
"url": "https://bugzilla.suse.com/986639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3079"
},
{
"cve": "CVE-2011-3101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3101"
}
],
"notes": [
{
"category": "general",
"text": "Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3101",
"url": "https://www.suse.com/security/cve/CVE-2011-3101"
},
{
"category": "external",
"summary": "SUSE Bug 762481 for CVE-2011-3101",
"url": "https://bugzilla.suse.com/762481"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2011-3101",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3101"
},
{
"cve": "CVE-2011-3232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3232"
}
],
"notes": [
{
"category": "general",
"text": "YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, and SeaMonkey before 2.4, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3232",
"url": "https://www.suse.com/security/cve/CVE-2011-3232"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3232",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3232"
},
{
"cve": "CVE-2011-3648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3648"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3648",
"url": "https://www.suse.com/security/cve/CVE-2011-3648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3648"
},
{
"cve": "CVE-2011-3650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3650"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3650",
"url": "https://www.suse.com/security/cve/CVE-2011-3650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3650"
},
{
"cve": "CVE-2011-3651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3651"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3651",
"url": "https://www.suse.com/security/cve/CVE-2011-3651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3651"
},
{
"cve": "CVE-2011-3652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3652"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3652",
"url": "https://www.suse.com/security/cve/CVE-2011-3652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3652"
},
{
"cve": "CVE-2011-3654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3654"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3654",
"url": "https://www.suse.com/security/cve/CVE-2011-3654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3654"
},
{
"cve": "CVE-2011-3655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3655"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3655",
"url": "https://www.suse.com/security/cve/CVE-2011-3655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3655"
},
{
"cve": "CVE-2011-3658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3658"
}
],
"notes": [
{
"category": "general",
"text": "The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3658",
"url": "https://www.suse.com/security/cve/CVE-2011-3658"
},
{
"category": "external",
"summary": "SUSE Bug 737533 for CVE-2011-3658",
"url": "https://bugzilla.suse.com/737533"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2011-3658",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2011-3658",
"url": "https://bugzilla.suse.com/750044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-3658"
},
{
"cve": "CVE-2011-3659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3659"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3659",
"url": "https://www.suse.com/security/cve/CVE-2011-3659"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2011-3659",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3659"
},
{
"cve": "CVE-2011-3660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3660"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3660",
"url": "https://www.suse.com/security/cve/CVE-2011-3660"
},
{
"category": "external",
"summary": "SUSE Bug 737533 for CVE-2011-3660",
"url": "https://bugzilla.suse.com/737533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3660"
},
{
"cve": "CVE-2011-3661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3661"
}
],
"notes": [
{
"category": "general",
"text": "YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3661",
"url": "https://www.suse.com/security/cve/CVE-2011-3661"
},
{
"category": "external",
"summary": "SUSE Bug 737533 for CVE-2011-3661",
"url": "https://bugzilla.suse.com/737533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-3661"
},
{
"cve": "CVE-2011-3663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3663"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3663",
"url": "https://www.suse.com/security/cve/CVE-2011-3663"
},
{
"category": "external",
"summary": "SUSE Bug 737533 for CVE-2011-3663",
"url": "https://bugzilla.suse.com/737533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3663"
},
{
"cve": "CVE-2012-0441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0441"
}
],
"notes": [
{
"category": "general",
"text": "The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0441",
"url": "https://www.suse.com/security/cve/CVE-2012-0441"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-0441",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0441"
},
{
"cve": "CVE-2012-0442",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0442"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0442",
"url": "https://www.suse.com/security/cve/CVE-2012-0442"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0442",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0442"
},
{
"cve": "CVE-2012-0443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0443"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0443",
"url": "https://www.suse.com/security/cve/CVE-2012-0443"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0443",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0443"
},
{
"cve": "CVE-2012-0444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0444"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0444",
"url": "https://www.suse.com/security/cve/CVE-2012-0444"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0444",
"url": "https://bugzilla.suse.com/744275"
},
{
"category": "external",
"summary": "SUSE Bug 747912 for CVE-2012-0444",
"url": "https://bugzilla.suse.com/747912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0444"
},
{
"cve": "CVE-2012-0445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0445"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame\u0027s name attribute.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0445",
"url": "https://www.suse.com/security/cve/CVE-2012-0445"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0445",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0445"
},
{
"cve": "CVE-2012-0446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0446"
}
],
"notes": [
{
"category": "general",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0446",
"url": "https://www.suse.com/security/cve/CVE-2012-0446"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0446",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0446"
},
{
"cve": "CVE-2012-0447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0447"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG image that was created through conversion from an ICO image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0447",
"url": "https://www.suse.com/security/cve/CVE-2012-0447"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0447",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0447"
},
{
"cve": "CVE-2012-0449",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0449"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0449",
"url": "https://www.suse.com/security/cve/CVE-2012-0449"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0449",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0449"
},
{
"cve": "CVE-2012-0451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0451"
}
],
"notes": [
{
"category": "general",
"text": "CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote web servers to bypass intended Content Security Policy (CSP) restrictions and possibly conduct cross-site scripting (XSS) attacks via crafted HTTP headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0451",
"url": "https://www.suse.com/security/cve/CVE-2012-0451"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0451",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0451",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0451",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0451"
},
{
"cve": "CVE-2012-0452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0452"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector\u0027s access to a hash table containing a stale XBL binding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0452",
"url": "https://www.suse.com/security/cve/CVE-2012-0452"
},
{
"category": "external",
"summary": "SUSE Bug 746616 for CVE-2012-0452",
"url": "https://bugzilla.suse.com/746616"
},
{
"category": "external",
"summary": "SUSE Bug 746663 for CVE-2012-0452",
"url": "https://bugzilla.suse.com/746663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0452"
},
{
"cve": "CVE-2012-0455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0455"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a \"DragAndDropJacking\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0455",
"url": "https://www.suse.com/security/cve/CVE-2012-0455"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0455",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0455",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0455",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0455"
},
{
"cve": "CVE-2012-0456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0456"
}
],
"notes": [
{
"category": "general",
"text": "The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0456",
"url": "https://www.suse.com/security/cve/CVE-2012-0456"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0456",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0456",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0456",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0456"
},
{
"cve": "CVE-2012-0457",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0457"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to execute arbitrary code via an SVG animation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0457",
"url": "https://www.suse.com/security/cve/CVE-2012-0457"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0457",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0457",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0457",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0457"
},
{
"cve": "CVE-2012-0458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0458"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page through the dragging of a URL to the home button, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a javascript: URL that is later interpreted in the about:sessionrestore context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0458",
"url": "https://www.suse.com/security/cve/CVE-2012-0458"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0458",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0458",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0458",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0458"
},
{
"cve": "CVE-2012-0459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0459"
}
],
"notes": [
{
"category": "general",
"text": "The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via dynamic modification of a keyframe followed by access to the cssText of the keyframe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0459",
"url": "https://www.suse.com/security/cve/CVE-2012-0459"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0459",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0459",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0459",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0459"
},
{
"cve": "CVE-2012-0460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0460"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote attackers to spoof the user interface via a crafted web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0460",
"url": "https://www.suse.com/security/cve/CVE-2012-0460"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0460",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0460",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0460",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0460"
},
{
"cve": "CVE-2012-0461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0461"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0461",
"url": "https://www.suse.com/security/cve/CVE-2012-0461"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0461",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0461",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0461",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0461"
},
{
"cve": "CVE-2012-0462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0462"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0462",
"url": "https://www.suse.com/security/cve/CVE-2012-0462"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0462",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0462",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0462",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0462"
},
{
"cve": "CVE-2012-0463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0463"
}
],
"notes": [
{
"category": "general",
"text": "The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 does not check the validity of an instance after event dispatching, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, as demonstrated by Mobile Firefox on Android.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0463",
"url": "https://www.suse.com/security/cve/CVE-2012-0463"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0463",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0463",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0463",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0463"
},
{
"cve": "CVE-2012-0464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0464"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code via vectors involving an empty argument to the array.join function in conjunction with the triggering of garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0464",
"url": "https://www.suse.com/security/cve/CVE-2012-0464"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0464",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0464",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0464",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0464"
},
{
"cve": "CVE-2012-0467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0467"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0467",
"url": "https://www.suse.com/security/cve/CVE-2012-0467"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0467",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0467"
},
{
"cve": "CVE-2012-0468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0468"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0468",
"url": "https://www.suse.com/security/cve/CVE-2012-0468"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0468",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0468"
},
{
"cve": "CVE-2012-0469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0469"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to execute arbitrary code via vectors related to crafted IndexedDB data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0469",
"url": "https://www.suse.com/security/cve/CVE-2012-0469"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0469",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0469"
},
{
"cve": "CVE-2012-0470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0470"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of \"different number systems.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0470",
"url": "https://www.suse.com/security/cve/CVE-2012-0470"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0470",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0470"
},
{
"cve": "CVE-2012-0471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0471"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0471",
"url": "https://www.suse.com/security/cve/CVE-2012-0471"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0471",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0471"
},
{
"cve": "CVE-2012-0472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0472"
}
],
"notes": [
{
"category": "general",
"text": "The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-rendering attempts, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0472",
"url": "https://www.suse.com/security/cve/CVE-2012-0472"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0472",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0472"
},
{
"cve": "CVE-2012-0473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0473"
}
],
"notes": [
{
"category": "general",
"text": "The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0473",
"url": "https://www.suse.com/security/cve/CVE-2012-0473"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0473",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0473"
},
{
"cve": "CVE-2012-0474",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0474"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka \"Universal XSS (UXSS).\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0474",
"url": "https://www.suse.com/security/cve/CVE-2012-0474"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0474",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0474"
},
{
"cve": "CVE-2012-0475",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0475"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involving a nonstandard port number and an IPv6 address that contains certain zero fields.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0475",
"url": "https://www.suse.com/security/cve/CVE-2012-0475"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0475",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0475"
},
{
"cve": "CVE-2012-0477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0477"
}
],
"notes": [
{
"category": "general",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ISO-2022-KR or (2) ISO-2022-CN character set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0477",
"url": "https://www.suse.com/security/cve/CVE-2012-0477"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0477",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0477"
},
{
"cve": "CVE-2012-0478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0478"
}
],
"notes": [
{
"category": "general",
"text": "The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0478",
"url": "https://www.suse.com/security/cve/CVE-2012-0478"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0478",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0478"
},
{
"cve": "CVE-2012-0479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0479"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0479",
"url": "https://www.suse.com/security/cve/CVE-2012-0479"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0479",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0479"
},
{
"cve": "CVE-2012-0759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0759"
}
],
"notes": [
{
"category": "general",
"text": "Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0771.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0759",
"url": "https://www.suse.com/security/cve/CVE-2012-0759"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2012-0759",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0759"
},
{
"cve": "CVE-2012-1937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1937"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1937",
"url": "https://www.suse.com/security/cve/CVE-2012-1937"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1937",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1937"
},
{
"cve": "CVE-2012-1938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1938"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1938",
"url": "https://www.suse.com/security/cve/CVE-2012-1938"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1938",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1938"
},
{
"cve": "CVE-2012-1940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1940"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1940",
"url": "https://www.suse.com/security/cve/CVE-2012-1940"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1940",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1940"
},
{
"cve": "CVE-2012-1941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1941"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1941",
"url": "https://www.suse.com/security/cve/CVE-2012-1941"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1941",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1941"
},
{
"cve": "CVE-2012-1944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1944"
}
],
"notes": [
{
"category": "general",
"text": "The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1944",
"url": "https://www.suse.com/security/cve/CVE-2012-1944"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1944",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1944"
},
{
"cve": "CVE-2012-1945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1945"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1945",
"url": "https://www.suse.com/security/cve/CVE-2012-1945"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1945",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1945"
},
{
"cve": "CVE-2012-1946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1946"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1946",
"url": "https://www.suse.com/security/cve/CVE-2012-1946"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1946",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1946"
},
{
"cve": "CVE-2012-1947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1947"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1947",
"url": "https://www.suse.com/security/cve/CVE-2012-1947"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1947",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1947"
},
{
"cve": "CVE-2012-1948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1948"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1948",
"url": "https://www.suse.com/security/cve/CVE-2012-1948"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1948",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1948"
},
{
"cve": "CVE-2012-1949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1949"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1949",
"url": "https://www.suse.com/security/cve/CVE-2012-1949"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1949",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1949"
},
{
"cve": "CVE-2012-1950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1950"
}
],
"notes": [
{
"category": "general",
"text": "The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1950",
"url": "https://www.suse.com/security/cve/CVE-2012-1950"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1950",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1950"
},
{
"cve": "CVE-2012-1951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1951"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1951",
"url": "https://www.suse.com/security/cve/CVE-2012-1951"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1951",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1951"
},
{
"cve": "CVE-2012-1952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1952"
}
],
"notes": [
{
"category": "general",
"text": "The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1952",
"url": "https://www.suse.com/security/cve/CVE-2012-1952"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1952",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1952"
},
{
"cve": "CVE-2012-1953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1953"
}
],
"notes": [
{
"category": "general",
"text": "The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1953",
"url": "https://www.suse.com/security/cve/CVE-2012-1953"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1953",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1953"
},
{
"cve": "CVE-2012-1954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1954"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1954",
"url": "https://www.suse.com/security/cve/CVE-2012-1954"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1954",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1954"
},
{
"cve": "CVE-2012-1955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1955"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1955",
"url": "https://www.suse.com/security/cve/CVE-2012-1955"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1955",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1955"
},
{
"cve": "CVE-2012-1956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1956"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1956",
"url": "https://www.suse.com/security/cve/CVE-2012-1956"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1956",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1956"
},
{
"cve": "CVE-2012-1957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1957"
}
],
"notes": [
{
"category": "general",
"text": "An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1957",
"url": "https://www.suse.com/security/cve/CVE-2012-1957"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1957",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1957"
},
{
"cve": "CVE-2012-1958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1958"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1958",
"url": "https://www.suse.com/security/cve/CVE-2012-1958"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1958",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1958"
},
{
"cve": "CVE-2012-1959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1959"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-compartment wrapping of objects, which allows remote attackers to bypass intended XBL access restrictions via crafted content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1959",
"url": "https://www.suse.com/security/cve/CVE-2012-1959"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1959",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1959"
},
{
"cve": "CVE-2012-1960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1960"
}
],
"notes": [
{
"category": "general",
"text": "The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1960",
"url": "https://www.suse.com/security/cve/CVE-2012-1960"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1960",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1960"
},
{
"cve": "CVE-2012-1961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1961"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1961",
"url": "https://www.suse.com/security/cve/CVE-2012-1961"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1961",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1961"
},
{
"cve": "CVE-2012-1962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1962"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1962",
"url": "https://www.suse.com/security/cve/CVE-2012-1962"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1962",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1962"
},
{
"cve": "CVE-2012-1963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1963"
}
],
"notes": [
{
"category": "general",
"text": "The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1963",
"url": "https://www.suse.com/security/cve/CVE-2012-1963"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1963",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1963"
},
{
"cve": "CVE-2012-1965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1965"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1965",
"url": "https://www.suse.com/security/cve/CVE-2012-1965"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1965",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1965"
},
{
"cve": "CVE-2012-1966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1966"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1966",
"url": "https://www.suse.com/security/cve/CVE-2012-1966"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1966",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1966"
},
{
"cve": "CVE-2012-1967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1967"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1967",
"url": "https://www.suse.com/security/cve/CVE-2012-1967"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1967",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1967"
},
{
"cve": "CVE-2012-1970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1970"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1970",
"url": "https://www.suse.com/security/cve/CVE-2012-1970"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1970",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1970"
},
{
"cve": "CVE-2012-1972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1972"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1972",
"url": "https://www.suse.com/security/cve/CVE-2012-1972"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1972",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1972"
},
{
"cve": "CVE-2012-1973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1973"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1973",
"url": "https://www.suse.com/security/cve/CVE-2012-1973"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1973",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1973"
},
{
"cve": "CVE-2012-1974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1974"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1974",
"url": "https://www.suse.com/security/cve/CVE-2012-1974"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1974",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1974"
},
{
"cve": "CVE-2012-1975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1975"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1975",
"url": "https://www.suse.com/security/cve/CVE-2012-1975"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1975",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1975"
},
{
"cve": "CVE-2012-1976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1976"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1976",
"url": "https://www.suse.com/security/cve/CVE-2012-1976"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1976",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1976"
},
{
"cve": "CVE-2012-2808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-2808"
}
],
"notes": [
{
"category": "general",
"text": "The PRNG implementation in the DNS resolver in Bionic in Android before 4.1.1 incorrectly uses time and PID information during the generation of random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to CVE-2015-0800.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-2808",
"url": "https://www.suse.com/security/cve/CVE-2012-2808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-2808"
},
{
"cve": "CVE-2012-3956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3956"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3956",
"url": "https://www.suse.com/security/cve/CVE-2012-3956"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3956",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3956"
},
{
"cve": "CVE-2012-3957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3957"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3957",
"url": "https://www.suse.com/security/cve/CVE-2012-3957"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3957",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3957"
},
{
"cve": "CVE-2012-3958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3958"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLEditRules::DeleteNonTableElements function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3958",
"url": "https://www.suse.com/security/cve/CVE-2012-3958"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3958",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3958"
},
{
"cve": "CVE-2012-3959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3959"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3959",
"url": "https://www.suse.com/security/cve/CVE-2012-3959"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3959",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3959"
},
{
"cve": "CVE-2012-3960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3960"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3960",
"url": "https://www.suse.com/security/cve/CVE-2012-3960"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3960",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3960"
},
{
"cve": "CVE-2012-3961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3961"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3961",
"url": "https://www.suse.com/security/cve/CVE-2012-3961"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3961",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3961"
},
{
"cve": "CVE-2012-3962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3962"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute arbitrary code via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3962",
"url": "https://www.suse.com/security/cve/CVE-2012-3962"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3962",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3962"
},
{
"cve": "CVE-2012-3963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3963"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3963",
"url": "https://www.suse.com/security/cve/CVE-2012-3963"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3963",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3963"
},
{
"cve": "CVE-2012-3964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3964"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the gfxTextRun::GetUserData function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3964",
"url": "https://www.suse.com/security/cve/CVE-2012-3964"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3964",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3964"
},
{
"cve": "CVE-2012-3965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3965"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3965",
"url": "https://www.suse.com/security/cve/CVE-2012-3965"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3965",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3965"
},
{
"cve": "CVE-2012-3966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3966"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a negative height value in a BMP image within a .ICO file, related to (1) improper handling of the transparency bitmask by the nsICODecoder component and (2) improper processing of the alpha channel by the nsBMPDecoder component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3966",
"url": "https://www.suse.com/security/cve/CVE-2012-3966"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3966",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3966"
},
{
"cve": "CVE-2012-3967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3967"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3967",
"url": "https://www.suse.com/security/cve/CVE-2012-3967"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3967",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3967"
},
{
"cve": "CVE-2012-3968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3968"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a fragment shader by its accessor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3968",
"url": "https://www.suse.com/security/cve/CVE-2012-3968"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3968",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3968"
},
{
"cve": "CVE-2012-3969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3969"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via a crafted SVG filter that triggers an incorrect sum calculation, leading to a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3969",
"url": "https://www.suse.com/security/cve/CVE-2012-3969"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3969",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3969"
},
{
"cve": "CVE-2012-3970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3970"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving movement of a requiredFeatures attribute from one SVG document to another.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3970",
"url": "https://www.suse.com/security/cve/CVE-2012-3970"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3970",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3970"
},
{
"cve": "CVE-2012-3971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3971"
}
],
"notes": [
{
"category": "general",
"text": "Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3971",
"url": "https://www.suse.com/security/cve/CVE-2012-3971"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3971",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3971"
},
{
"cve": "CVE-2012-3972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3972"
}
],
"notes": [
{
"category": "general",
"text": "The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3972",
"url": "https://www.suse.com/security/cve/CVE-2012-3972"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3972",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3972"
},
{
"cve": "CVE-2012-3973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3973"
}
],
"notes": [
{
"category": "general",
"text": "The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote attackers to execute arbitrary code by leveraging the presence of the HTTPMonitor extension and connecting to that service through the HTTPMonitor port.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3973",
"url": "https://www.suse.com/security/cve/CVE-2012-3973"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3973",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-3973"
},
{
"cve": "CVE-2012-3975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3975"
}
],
"notes": [
{
"category": "general",
"text": "The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 loads subresources during parsing of text/html data within an extension, which allows remote attackers to obtain sensitive information by providing crafted data to privileged extension code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3975",
"url": "https://www.suse.com/security/cve/CVE-2012-3975"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3975",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3975"
},
{
"cve": "CVE-2012-3976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3976"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3976",
"url": "https://www.suse.com/security/cve/CVE-2012-3976"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3976",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3976"
},
{
"cve": "CVE-2012-3978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3978"
}
],
"notes": [
{
"category": "general",
"text": "The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location object, which allows remote attackers to bypass intended content-loading restrictions or possibly have unspecified other impact via vectors involving chrome code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3978",
"url": "https://www.suse.com/security/cve/CVE-2012-3978"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3978",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3978"
},
{
"cve": "CVE-2012-3980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3980"
}
],
"notes": [
{
"category": "general",
"text": "The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that injects this code and triggers an eval operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3980",
"url": "https://www.suse.com/security/cve/CVE-2012-3980"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3980",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3980"
},
{
"cve": "CVE-2012-3982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3982"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3982",
"url": "https://www.suse.com/security/cve/CVE-2012-3982"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3982",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3982"
},
{
"cve": "CVE-2012-3983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3983"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3983",
"url": "https://www.suse.com/security/cve/CVE-2012-3983"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3983",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3983"
},
{
"cve": "CVE-2012-3984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3984"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element\u0027s menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3984",
"url": "https://www.suse.com/security/cve/CVE-2012-3984"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3984",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3984"
},
{
"cve": "CVE-2012-3985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3985"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly implement the HTML5 Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging initial-origin access after document.domain has been set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3985",
"url": "https://www.suse.com/security/cve/CVE-2012-3985"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3985",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3985"
},
{
"cve": "CVE-2012-3986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3986"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3986",
"url": "https://www.suse.com/security/cve/CVE-2012-3986"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3986",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3986"
},
{
"cve": "CVE-2012-3988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3988"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScreen to enter full-screen mode, and use of the history.back method for backwards history navigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3988",
"url": "https://www.suse.com/security/cve/CVE-2012-3988"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3988",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3988"
},
{
"cve": "CVE-2012-3989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3989"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly perform a cast of an unspecified variable during use of the instanceof operator on a JavaScript object, which allows remote attackers to execute arbitrary code or cause a denial of service (assertion failure) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3989",
"url": "https://www.suse.com/security/cve/CVE-2012-3989"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3989",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3989"
},
{
"cve": "CVE-2012-3990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3990"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors, related to the nsIContent::GetNameSpaceID function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3990",
"url": "https://www.suse.com/security/cve/CVE-2012-3990"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3990",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3990"
},
{
"cve": "CVE-2012-3991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3991"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to bypass the Same Origin Policy and possibly have unspecified other impact via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3991",
"url": "https://www.suse.com/security/cve/CVE-2012-3991"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3991",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3991"
},
{
"cve": "CVE-2012-3992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3992"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive POST content via vectors involving a location.hash write operation and history navigation that triggers the loading of a URL into the history object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3992",
"url": "https://www.suse.com/security/cve/CVE-2012-3992"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3992",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3992"
},
{
"cve": "CVE-2012-3993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3993"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site, related to an \"XrayWrapper pollution\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3993",
"url": "https://www.suse.com/security/cve/CVE-2012-3993"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3993",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3993"
},
{
"cve": "CVE-2012-3994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3994"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3994",
"url": "https://www.suse.com/security/cve/CVE-2012-3994"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3994",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3994"
},
{
"cve": "CVE-2012-3995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3995"
}
],
"notes": [
{
"category": "general",
"text": "The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3995",
"url": "https://www.suse.com/security/cve/CVE-2012-3995"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3995",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3995"
},
{
"cve": "CVE-2012-4179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4179"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4179",
"url": "https://www.suse.com/security/cve/CVE-2012-4179"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4179",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4179"
},
{
"cve": "CVE-2012-4180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4180"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4180",
"url": "https://www.suse.com/security/cve/CVE-2012-4180"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4180",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4180"
},
{
"cve": "CVE-2012-4181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4181"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsSMILAnimationController::DoSample function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4181",
"url": "https://www.suse.com/security/cve/CVE-2012-4181"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4181",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4181"
},
{
"cve": "CVE-2012-4182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4182"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4182",
"url": "https://www.suse.com/security/cve/CVE-2012-4182"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4182",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4182"
},
{
"cve": "CVE-2012-4183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4183"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4183",
"url": "https://www.suse.com/security/cve/CVE-2012-4183"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4183",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4183"
},
{
"cve": "CVE-2012-4184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4184"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4184",
"url": "https://www.suse.com/security/cve/CVE-2012-4184"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4184",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4184"
},
{
"cve": "CVE-2012-4185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4185"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4185",
"url": "https://www.suse.com/security/cve/CVE-2012-4185"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4185",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4185"
},
{
"cve": "CVE-2012-4186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4186"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4186",
"url": "https://www.suse.com/security/cve/CVE-2012-4186"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4186",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4186"
},
{
"cve": "CVE-2012-4187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4187"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4187",
"url": "https://www.suse.com/security/cve/CVE-2012-4187"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4187",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4187"
},
{
"cve": "CVE-2012-4188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4188"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4188",
"url": "https://www.suse.com/security/cve/CVE-2012-4188"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4188",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4188"
},
{
"cve": "CVE-2012-4191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4191"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::net::FailDelayManager::Lookup function in the WebSockets implementation in Mozilla Firefox before 16.0.1, Thunderbird before 16.0.1, and SeaMonkey before 2.13.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4191",
"url": "https://www.suse.com/security/cve/CVE-2012-4191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4191"
},
{
"cve": "CVE-2012-4192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4192"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow remote attackers to bypass the Same Origin Policy and read the properties of a Location object via a crafted web site, a related issue to CVE-2012-4193.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4192",
"url": "https://www.suse.com/security/cve/CVE-2012-4192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4192"
},
{
"cve": "CVE-2012-4193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4193"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4193",
"url": "https://www.suse.com/security/cve/CVE-2012-4193"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4193",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4193"
},
{
"cve": "CVE-2012-4194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4194"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4194",
"url": "https://www.suse.com/security/cve/CVE-2012-4194"
},
{
"category": "external",
"summary": "SUSE Bug 786522 for CVE-2012-4194",
"url": "https://bugzilla.suse.com/786522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4194"
},
{
"cve": "CVE-2012-4195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4195"
}
],
"notes": [
{
"category": "general",
"text": "The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4195",
"url": "https://www.suse.com/security/cve/CVE-2012-4195"
},
{
"category": "external",
"summary": "SUSE Bug 786522 for CVE-2012-4195",
"url": "https://bugzilla.suse.com/786522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4195"
},
{
"cve": "CVE-2012-4196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4196"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4196",
"url": "https://www.suse.com/security/cve/CVE-2012-4196"
},
{
"category": "external",
"summary": "SUSE Bug 786522 for CVE-2012-4196",
"url": "https://bugzilla.suse.com/786522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4196"
},
{
"cve": "CVE-2012-4201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4201"
}
],
"notes": [
{
"category": "general",
"text": "The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4201",
"url": "https://www.suse.com/security/cve/CVE-2012-4201"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4201",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4201"
},
{
"cve": "CVE-2012-4202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4202"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4202",
"url": "https://www.suse.com/security/cve/CVE-2012-4202"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4202",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4202"
},
{
"cve": "CVE-2012-4203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4203"
}
],
"notes": [
{
"category": "general",
"text": "The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a bookmark.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4203",
"url": "https://www.suse.com/security/cve/CVE-2012-4203"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4203",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4203"
},
{
"cve": "CVE-2012-4204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4204"
}
],
"notes": [
{
"category": "general",
"text": "The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4204",
"url": "https://www.suse.com/security/cve/CVE-2012-4204"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4204",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4204"
},
{
"cve": "CVE-2012-4205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4205"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks or obtain sensitive information by leveraging a sandboxed add-on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4205",
"url": "https://www.suse.com/security/cve/CVE-2012-4205"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4205",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4205"
},
{
"cve": "CVE-2012-4207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4207"
}
],
"notes": [
{
"category": "general",
"text": "The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4207",
"url": "https://www.suse.com/security/cve/CVE-2012-4207"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4207",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4207"
},
{
"cve": "CVE-2012-4208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4208"
}
],
"notes": [
{
"category": "general",
"text": "The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4208",
"url": "https://www.suse.com/security/cve/CVE-2012-4208"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4208",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4208"
},
{
"cve": "CVE-2012-4209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4209"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a \"top\" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4209",
"url": "https://www.suse.com/security/cve/CVE-2012-4209"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4209",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4209"
},
{
"cve": "CVE-2012-4210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4210"
}
],
"notes": [
{
"category": "general",
"text": "The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4210",
"url": "https://www.suse.com/security/cve/CVE-2012-4210"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4210",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4210"
},
{
"cve": "CVE-2012-4212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4212"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4212",
"url": "https://www.suse.com/security/cve/CVE-2012-4212"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4212",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4212"
},
{
"cve": "CVE-2012-4213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4213"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4213",
"url": "https://www.suse.com/security/cve/CVE-2012-4213"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4213",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4213"
},
{
"cve": "CVE-2012-4214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4214"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4214",
"url": "https://www.suse.com/security/cve/CVE-2012-4214"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4214",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4214"
},
{
"cve": "CVE-2012-4215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4215"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4215",
"url": "https://www.suse.com/security/cve/CVE-2012-4215"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4215",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4215"
},
{
"cve": "CVE-2012-4216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4216"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4216",
"url": "https://www.suse.com/security/cve/CVE-2012-4216"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4216",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4216"
},
{
"cve": "CVE-2012-4217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4217"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4217",
"url": "https://www.suse.com/security/cve/CVE-2012-4217"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4217",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4217"
},
{
"cve": "CVE-2012-4218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4218"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4218",
"url": "https://www.suse.com/security/cve/CVE-2012-4218"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4218",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4218"
},
{
"cve": "CVE-2012-5829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5829"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5829",
"url": "https://www.suse.com/security/cve/CVE-2012-5829"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5829",
"url": "https://bugzilla.suse.com/790140"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2012-5829",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5829"
},
{
"cve": "CVE-2012-5830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5830"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5830",
"url": "https://www.suse.com/security/cve/CVE-2012-5830"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5830",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-5830"
},
{
"cve": "CVE-2012-5833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5833"
}
],
"notes": [
{
"category": "general",
"text": "The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5833",
"url": "https://www.suse.com/security/cve/CVE-2012-5833"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5833",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5833"
},
{
"cve": "CVE-2012-5835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5835"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5835",
"url": "https://www.suse.com/security/cve/CVE-2012-5835"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5835",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5835"
},
{
"cve": "CVE-2012-5836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5836"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5836",
"url": "https://www.suse.com/security/cve/CVE-2012-5836"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5836",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-5836"
},
{
"cve": "CVE-2012-5837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5837"
}
],
"notes": [
{
"category": "general",
"text": "The Web Developer Toolbar in Mozilla Firefox before 17.0 executes script with chrome privileges, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5837",
"url": "https://www.suse.com/security/cve/CVE-2012-5837"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5837",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-5837"
},
{
"cve": "CVE-2012-5838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5838"
}
],
"notes": [
{
"category": "general",
"text": "The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via large image dimensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5838",
"url": "https://www.suse.com/security/cve/CVE-2012-5838"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5838",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5838"
},
{
"cve": "CVE-2012-5839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5839"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5839",
"url": "https://www.suse.com/security/cve/CVE-2012-5839"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5839",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5839"
},
{
"cve": "CVE-2012-5840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5840"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5840",
"url": "https://www.suse.com/security/cve/CVE-2012-5840"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5840",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5840"
},
{
"cve": "CVE-2012-5841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5841"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5841",
"url": "https://www.suse.com/security/cve/CVE-2012-5841"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5841",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-5841"
},
{
"cve": "CVE-2012-5842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5842"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5842",
"url": "https://www.suse.com/security/cve/CVE-2012-5842"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5842",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5842"
},
{
"cve": "CVE-2012-5843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5843"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5843",
"url": "https://www.suse.com/security/cve/CVE-2012-5843"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5843",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5843"
},
{
"cve": "CVE-2013-0743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0743"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA at the suggestion of the CVE project team. The candidate had been associated with a correct report of a security problem, but not a problem that is categorized as a vulnerability within CVE. Compromised or unauthorized SSL certificates are not within CVE\u0027s scope. Notes: none.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0743",
"url": "https://www.suse.com/security/cve/CVE-2013-0743"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0743",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0743"
},
{
"cve": "CVE-2013-0744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0744"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0744",
"url": "https://www.suse.com/security/cve/CVE-2013-0744"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0744",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0744"
},
{
"cve": "CVE-2013-0745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0745"
}
],
"notes": [
{
"category": "general",
"text": "The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0745",
"url": "https://www.suse.com/security/cve/CVE-2013-0745"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0745",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0745"
},
{
"cve": "CVE-2013-0746",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0746"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0746",
"url": "https://www.suse.com/security/cve/CVE-2013-0746"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0746",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0746"
},
{
"cve": "CVE-2013-0747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0747"
}
],
"notes": [
{
"category": "general",
"text": "The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0747",
"url": "https://www.suse.com/security/cve/CVE-2013-0747"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0747",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0747"
},
{
"cve": "CVE-2013-0748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0748"
}
],
"notes": [
{
"category": "general",
"text": "The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0748",
"url": "https://www.suse.com/security/cve/CVE-2013-0748"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0748",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0748"
},
{
"cve": "CVE-2013-0749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0749"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0749",
"url": "https://www.suse.com/security/cve/CVE-2013-0749"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0749",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0749"
},
{
"cve": "CVE-2013-0750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0750"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0750",
"url": "https://www.suse.com/security/cve/CVE-2013-0750"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0750",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0750"
},
{
"cve": "CVE-2013-0751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0751"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0751",
"url": "https://www.suse.com/security/cve/CVE-2013-0751"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0751",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0751"
},
{
"cve": "CVE-2013-0752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0752"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0752",
"url": "https://www.suse.com/security/cve/CVE-2013-0752"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0752",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0752"
},
{
"cve": "CVE-2013-0753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0753"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0753",
"url": "https://www.suse.com/security/cve/CVE-2013-0753"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0753",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0753"
},
{
"cve": "CVE-2013-0754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0754"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0754",
"url": "https://www.suse.com/security/cve/CVE-2013-0754"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0754",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0754"
},
{
"cve": "CVE-2013-0755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0755"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0755",
"url": "https://www.suse.com/security/cve/CVE-2013-0755"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0755",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0755"
},
{
"cve": "CVE-2013-0756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0756"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0756",
"url": "https://www.suse.com/security/cve/CVE-2013-0756"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0756",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0756"
},
{
"cve": "CVE-2013-0757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0757"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0757",
"url": "https://www.suse.com/security/cve/CVE-2013-0757"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0757",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0757"
},
{
"cve": "CVE-2013-0758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0758"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0758",
"url": "https://www.suse.com/security/cve/CVE-2013-0758"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0758",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0758"
},
{
"cve": "CVE-2013-0760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0760"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0760",
"url": "https://www.suse.com/security/cve/CVE-2013-0760"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0760",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0760"
},
{
"cve": "CVE-2013-0761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0761"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0761",
"url": "https://www.suse.com/security/cve/CVE-2013-0761"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0761",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0761"
},
{
"cve": "CVE-2013-0762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0762"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0762",
"url": "https://www.suse.com/security/cve/CVE-2013-0762"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0762",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0762"
},
{
"cve": "CVE-2013-0763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0763"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0763",
"url": "https://www.suse.com/security/cve/CVE-2013-0763"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0763",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0763"
},
{
"cve": "CVE-2013-0764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0764"
}
],
"notes": [
{
"category": "general",
"text": "The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0764",
"url": "https://www.suse.com/security/cve/CVE-2013-0764"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0764",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0764"
},
{
"cve": "CVE-2013-0765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0765"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0765",
"url": "https://www.suse.com/security/cve/CVE-2013-0765"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0765",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0765"
},
{
"cve": "CVE-2013-0766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0766"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0766",
"url": "https://www.suse.com/security/cve/CVE-2013-0766"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0766",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0766"
},
{
"cve": "CVE-2013-0767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0767"
}
],
"notes": [
{
"category": "general",
"text": "The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0767",
"url": "https://www.suse.com/security/cve/CVE-2013-0767"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0767",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0767"
},
{
"cve": "CVE-2013-0768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0768"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0768",
"url": "https://www.suse.com/security/cve/CVE-2013-0768"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0768",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0768"
},
{
"cve": "CVE-2013-0769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0769"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0769",
"url": "https://www.suse.com/security/cve/CVE-2013-0769"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0769",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0769"
},
{
"cve": "CVE-2013-0770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0770"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0770",
"url": "https://www.suse.com/security/cve/CVE-2013-0770"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0770",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0770"
},
{
"cve": "CVE-2013-0771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0771"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0771",
"url": "https://www.suse.com/security/cve/CVE-2013-0771"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0771",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0771"
},
{
"cve": "CVE-2013-0772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0772"
}
],
"notes": [
{
"category": "general",
"text": "The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0772",
"url": "https://www.suse.com/security/cve/CVE-2013-0772"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0772",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0772"
},
{
"cve": "CVE-2013-0773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0773"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0773",
"url": "https://www.suse.com/security/cve/CVE-2013-0773"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0773",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0773"
},
{
"cve": "CVE-2013-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0774"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0774",
"url": "https://www.suse.com/security/cve/CVE-2013-0774"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0774",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0774"
},
{
"cve": "CVE-2013-0775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0775"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0775",
"url": "https://www.suse.com/security/cve/CVE-2013-0775"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0775",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0775"
},
{
"cve": "CVE-2013-0776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0776"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0776",
"url": "https://www.suse.com/security/cve/CVE-2013-0776"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0776",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0776"
},
{
"cve": "CVE-2013-0777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0777"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0777",
"url": "https://www.suse.com/security/cve/CVE-2013-0777"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0777",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0777"
},
{
"cve": "CVE-2013-0778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0778"
}
],
"notes": [
{
"category": "general",
"text": "The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0778",
"url": "https://www.suse.com/security/cve/CVE-2013-0778"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0778",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0778"
},
{
"cve": "CVE-2013-0779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0779"
}
],
"notes": [
{
"category": "general",
"text": "The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0779",
"url": "https://www.suse.com/security/cve/CVE-2013-0779"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0779",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0779"
},
{
"cve": "CVE-2013-0780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0780"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0780",
"url": "https://www.suse.com/security/cve/CVE-2013-0780"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0780",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0780"
},
{
"cve": "CVE-2013-0781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0781"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0781",
"url": "https://www.suse.com/security/cve/CVE-2013-0781"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0781",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0781"
},
{
"cve": "CVE-2013-0782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0782"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0782",
"url": "https://www.suse.com/security/cve/CVE-2013-0782"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0782",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0782"
},
{
"cve": "CVE-2013-0783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0783"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0783",
"url": "https://www.suse.com/security/cve/CVE-2013-0783"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0783",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0783"
},
{
"cve": "CVE-2013-0787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0787"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0787",
"url": "https://www.suse.com/security/cve/CVE-2013-0787"
},
{
"category": "external",
"summary": "SUSE Bug 808243 for CVE-2013-0787",
"url": "https://bugzilla.suse.com/808243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0787"
},
{
"cve": "CVE-2013-0788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0788"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0788",
"url": "https://www.suse.com/security/cve/CVE-2013-0788"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0788",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0788",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0788"
},
{
"cve": "CVE-2013-0789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0789"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0789",
"url": "https://www.suse.com/security/cve/CVE-2013-0789"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0789",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0789",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0789"
},
{
"cve": "CVE-2013-0792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0792"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0792",
"url": "https://www.suse.com/security/cve/CVE-2013-0792"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0792",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0792",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0792"
},
{
"cve": "CVE-2013-0793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0793"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0793",
"url": "https://www.suse.com/security/cve/CVE-2013-0793"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0793",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0793"
},
{
"cve": "CVE-2013-0794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0794"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin spoofing of tab-modal dialogs, which allows remote attackers to conduct phishing attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0794",
"url": "https://www.suse.com/security/cve/CVE-2013-0794"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0794",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0794",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0794"
},
{
"cve": "CVE-2013-0795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0795"
}
],
"notes": [
{
"category": "general",
"text": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote attackers to bypass the Same Origin Policy or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0795",
"url": "https://www.suse.com/security/cve/CVE-2013-0795"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0795",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0795",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0795"
},
{
"cve": "CVE-2013-0796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0796"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0796",
"url": "https://www.suse.com/security/cve/CVE-2013-0796"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0796",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0796",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0796"
},
{
"cve": "CVE-2013-0800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0800"
}
],
"notes": [
{
"category": "general",
"text": "Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0800",
"url": "https://www.suse.com/security/cve/CVE-2013-0800"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0800",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0800",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0800"
},
{
"cve": "CVE-2013-0801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0801"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0801",
"url": "https://www.suse.com/security/cve/CVE-2013-0801"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0801",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0801"
},
{
"cve": "CVE-2013-1669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1669"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1669",
"url": "https://www.suse.com/security/cve/CVE-2013-1669"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1669",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1669"
},
{
"cve": "CVE-2013-1670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1670"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote attackers to bypass certain read-only restrictions and conduct cross-site scripting (XSS) attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1670",
"url": "https://www.suse.com/security/cve/CVE-2013-1670"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1670",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1670"
},
{
"cve": "CVE-2013-1671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1671"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1671",
"url": "https://www.suse.com/security/cve/CVE-2013-1671"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1671",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1671"
},
{
"cve": "CVE-2013-1674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1674"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during the playing of a video.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1674",
"url": "https://www.suse.com/security/cve/CVE-2013-1674"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1674",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1674"
},
{
"cve": "CVE-2013-1675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1675"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1675",
"url": "https://www.suse.com/security/cve/CVE-2013-1675"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1675",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1675"
},
{
"cve": "CVE-2013-1676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1676"
}
],
"notes": [
{
"category": "general",
"text": "The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1676",
"url": "https://www.suse.com/security/cve/CVE-2013-1676"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1676",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1676"
},
{
"cve": "CVE-2013-1677",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1677"
}
],
"notes": [
{
"category": "general",
"text": "The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1677",
"url": "https://www.suse.com/security/cve/CVE-2013-1677"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1677",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1677"
},
{
"cve": "CVE-2013-1678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1678"
}
],
"notes": [
{
"category": "general",
"text": "The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1678",
"url": "https://www.suse.com/security/cve/CVE-2013-1678"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1678",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1678"
},
{
"cve": "CVE-2013-1679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1679"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1679",
"url": "https://www.suse.com/security/cve/CVE-2013-1679"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1679",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1679"
},
{
"cve": "CVE-2013-1680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1680"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1680",
"url": "https://www.suse.com/security/cve/CVE-2013-1680"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1680",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1680"
},
{
"cve": "CVE-2013-1681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1681"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1681",
"url": "https://www.suse.com/security/cve/CVE-2013-1681"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1681",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1681"
},
{
"cve": "CVE-2013-1682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1682"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1682",
"url": "https://www.suse.com/security/cve/CVE-2013-1682"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1682",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1682"
},
{
"cve": "CVE-2013-1683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1683"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1683",
"url": "https://www.suse.com/security/cve/CVE-2013-1683"
},
{
"category": "external",
"summary": "SUSE Bug 1150035 for CVE-2013-1683",
"url": "https://bugzilla.suse.com/1150035"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1683",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1683"
},
{
"cve": "CVE-2013-1684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1684"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1684",
"url": "https://www.suse.com/security/cve/CVE-2013-1684"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1684",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1684"
},
{
"cve": "CVE-2013-1685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1685"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1685",
"url": "https://www.suse.com/security/cve/CVE-2013-1685"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1685",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1685"
},
{
"cve": "CVE-2013-1686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1686"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1686",
"url": "https://www.suse.com/security/cve/CVE-2013-1686"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1686",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1686"
},
{
"cve": "CVE-2013-1687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1687"
}
],
"notes": [
{
"category": "general",
"text": "The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined functions, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges, or conduct cross-site scripting (XSS) attacks, via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1687",
"url": "https://www.suse.com/security/cve/CVE-2013-1687"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1687",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1687"
},
{
"cve": "CVE-2013-1688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1688"
}
],
"notes": [
{
"category": "general",
"text": "The Profiler implementation in Mozilla Firefox before 22.0 parses untrusted data during UI rendering, which allows user-assisted remote attackers to execute arbitrary JavaScript code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1688",
"url": "https://www.suse.com/security/cve/CVE-2013-1688"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1688",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1688"
},
{
"cve": "CVE-2013-1690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1690"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1690",
"url": "https://www.suse.com/security/cve/CVE-2013-1690"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1690",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1690"
},
{
"cve": "CVE-2013-1692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1692"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1692",
"url": "https://www.suse.com/security/cve/CVE-2013-1692"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1692",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1692"
},
{
"cve": "CVE-2013-1693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1693"
}
],
"notes": [
{
"category": "general",
"text": "The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a different domain, by observing timing differences in execution of filter code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1693",
"url": "https://www.suse.com/security/cve/CVE-2013-1693"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1693",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1693"
},
{
"cve": "CVE-2013-1694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1694"
}
],
"notes": [
{
"category": "general",
"text": "The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache\u0027s preserved-wrapper flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1694",
"url": "https://www.suse.com/security/cve/CVE-2013-1694"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1694",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1694"
},
{
"cve": "CVE-2013-1695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1695"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 22.0 does not properly implement certain DocShell inheritance behavior for the sandbox attribute of an IFRAME element, which allows remote attackers to bypass intended access restrictions via a FRAME element within an IFRAME element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1695",
"url": "https://www.suse.com/security/cve/CVE-2013-1695"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1695",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1695"
},
{
"cve": "CVE-2013-1696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1696"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1696",
"url": "https://www.suse.com/security/cve/CVE-2013-1696"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1696",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1696"
},
{
"cve": "CVE-2013-1697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1697"
}
],
"notes": [
{
"category": "general",
"text": "The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1697",
"url": "https://www.suse.com/security/cve/CVE-2013-1697"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1697",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1697"
},
{
"cve": "CVE-2013-1698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1698"
}
],
"notes": [
{
"category": "general",
"text": "The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1698",
"url": "https://www.suse.com/security/cve/CVE-2013-1698"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1698",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1698"
},
{
"cve": "CVE-2013-1699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1699"
}
],
"notes": [
{
"category": "general",
"text": "The Internationalized Domain Name (IDN) display algorithm in Mozilla Firefox before 22.0 does not properly handle the .com, .name, and .net top-level domains, which allows remote attackers to spoof the address bar via unspecified homograph characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1699",
"url": "https://www.suse.com/security/cve/CVE-2013-1699"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1699",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1699"
},
{
"cve": "CVE-2013-1701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1701"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1701",
"url": "https://www.suse.com/security/cve/CVE-2013-1701"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1701",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1701"
},
{
"cve": "CVE-2013-1702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1702"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1702",
"url": "https://www.suse.com/security/cve/CVE-2013-1702"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1702",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1702"
},
{
"cve": "CVE-2013-1704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1704"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsINode::GetParentNode function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a DOM modification at the time of a SetBody mutation event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1704",
"url": "https://www.suse.com/security/cve/CVE-2013-1704"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1704",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1704"
},
{
"cve": "CVE-2013-1705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1705"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer underflow in the cryptojs_interpret_key_gen_type function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Certificate Request Message Format (CRMF) request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1705",
"url": "https://www.suse.com/security/cve/CVE-2013-1705"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1705",
"url": "https://bugzilla.suse.com/833389"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1705",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1705"
},
{
"cve": "CVE-2013-1708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1708"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::CharAt function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1708",
"url": "https://www.suse.com/security/cve/CVE-2013-1708"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1708",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1708"
},
{
"cve": "CVE-2013-1709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1709"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving spoofing a relative location in a previously visited document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1709",
"url": "https://www.suse.com/security/cve/CVE-2013-1709"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1709",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1709"
},
{
"cve": "CVE-2013-1710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1710"
}
],
"notes": [
{
"category": "general",
"text": "The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks via vectors related to Certificate Request Message Format (CRMF) request generation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1710",
"url": "https://www.suse.com/security/cve/CVE-2013-1710"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1710",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1710"
},
{
"cve": "CVE-2013-1711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1711"
}
],
"notes": [
{
"category": "general",
"text": "The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging access to an unprivileged object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1711",
"url": "https://www.suse.com/security/cve/CVE-2013-1711"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1711",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1711"
},
{
"cve": "CVE-2013-1713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1713"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks or install arbitrary add-ons via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1713",
"url": "https://www.suse.com/security/cve/CVE-2013-1713"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1713",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1713"
},
{
"cve": "CVE-2013-1714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1714"
}
],
"notes": [
{
"category": "general",
"text": "The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1714",
"url": "https://www.suse.com/security/cve/CVE-2013-1714"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1714",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1714"
},
{
"cve": "CVE-2013-1717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1717"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1717",
"url": "https://www.suse.com/security/cve/CVE-2013-1717"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1717",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1717"
},
{
"cve": "CVE-2013-1718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1718"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1718",
"url": "https://www.suse.com/security/cve/CVE-2013-1718"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1718",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1718"
},
{
"cve": "CVE-2013-1719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1719"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1719",
"url": "https://www.suse.com/security/cve/CVE-2013-1719"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1719",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1719"
},
{
"cve": "CVE-2013-1720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1720"
}
],
"notes": [
{
"category": "general",
"text": "The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1720",
"url": "https://www.suse.com/security/cve/CVE-2013-1720"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1720",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1720"
},
{
"cve": "CVE-2013-1721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1721"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote attackers to execute arbitrary code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1721",
"url": "https://www.suse.com/security/cve/CVE-2013-1721"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1721",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1721"
},
{
"cve": "CVE-2013-1722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1722"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1722",
"url": "https://www.suse.com/security/cve/CVE-2013-1722"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1722",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1722"
},
{
"cve": "CVE-2013-1723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1723"
}
],
"notes": [
{
"category": "general",
"text": "The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service (application crash) by leveraging incorrect event usage after widget-memory reallocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1723",
"url": "https://www.suse.com/security/cve/CVE-2013-1723"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1723",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1723"
},
{
"cve": "CVE-2013-1724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1724"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1724",
"url": "https://www.suse.com/security/cve/CVE-2013-1724"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1724",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1724"
},
{
"cve": "CVE-2013-1725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1725"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging incorrect scope handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1725",
"url": "https://www.suse.com/security/cve/CVE-2013-1725"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1725",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1725"
},
{
"cve": "CVE-2013-1728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1728"
}
],
"notes": [
{
"category": "general",
"text": "The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1728",
"url": "https://www.suse.com/security/cve/CVE-2013-1728"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1728",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1728"
},
{
"cve": "CVE-2013-1730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1730"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1730",
"url": "https://www.suse.com/security/cve/CVE-2013-1730"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1730",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1730"
},
{
"cve": "CVE-2013-1732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1732"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats within a multi-column layout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1732",
"url": "https://www.suse.com/security/cve/CVE-2013-1732"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1732",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1732"
},
{
"cve": "CVE-2013-1735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1735"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via vectors related to image-document scrolling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1735",
"url": "https://www.suse.com/security/cve/CVE-2013-1735"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1735",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1735"
},
{
"cve": "CVE-2013-1736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1736"
}
],
"notes": [
{
"category": "general",
"text": "The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to improperly establishing parent-child relationships of range-request nodes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1736",
"url": "https://www.suse.com/security/cve/CVE-2013-1736"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1736",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1736"
},
{
"cve": "CVE-2013-1737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1737"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the \"this\" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1737",
"url": "https://www.suse.com/security/cve/CVE-2013-1737"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1737",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1737"
},
{
"cve": "CVE-2013-1738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1738"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and frame-chain restoration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1738",
"url": "https://www.suse.com/security/cve/CVE-2013-1738"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1738",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1738"
},
{
"cve": "CVE-2013-5590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5590"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5590",
"url": "https://www.suse.com/security/cve/CVE-2013-5590"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5590",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5590"
},
{
"cve": "CVE-2013-5591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5591"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5591",
"url": "https://www.suse.com/security/cve/CVE-2013-5591"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5591",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5591"
},
{
"cve": "CVE-2013-5592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5592"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5592",
"url": "https://www.suse.com/security/cve/CVE-2013-5592"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5592",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5592"
},
{
"cve": "CVE-2013-5593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5593"
}
],
"notes": [
{
"category": "general",
"text": "The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5593",
"url": "https://www.suse.com/security/cve/CVE-2013-5593"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5593",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5593"
},
{
"cve": "CVE-2013-5595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5595"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5595",
"url": "https://www.suse.com/security/cve/CVE-2013-5595"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5595",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5595"
},
{
"cve": "CVE-2013-5596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5596"
}
],
"notes": [
{
"category": "general",
"text": "The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5596",
"url": "https://www.suse.com/security/cve/CVE-2013-5596"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5596",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5596"
},
{
"cve": "CVE-2013-5597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5597"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5597",
"url": "https://www.suse.com/security/cve/CVE-2013-5597"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5597",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5597"
},
{
"cve": "CVE-2013-5598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5598"
}
],
"notes": [
{
"category": "general",
"text": "PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5598",
"url": "https://www.suse.com/security/cve/CVE-2013-5598"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5598",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5598"
},
{
"cve": "CVE-2013-5599",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5599"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5599",
"url": "https://www.suse.com/security/cve/CVE-2013-5599"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5599",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5599"
},
{
"cve": "CVE-2013-5600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5600"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5600",
"url": "https://www.suse.com/security/cve/CVE-2013-5600"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5600",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5600"
},
{
"cve": "CVE-2013-5601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5601"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors related to a memory allocation through the garbage collection (GC) API.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5601",
"url": "https://www.suse.com/security/cve/CVE-2013-5601"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5601",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5601"
},
{
"cve": "CVE-2013-5602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5602"
}
],
"notes": [
{
"category": "general",
"text": "The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5602",
"url": "https://www.suse.com/security/cve/CVE-2013-5602"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5602",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5602"
},
{
"cve": "CVE-2013-5603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5603"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5603",
"url": "https://www.suse.com/security/cve/CVE-2013-5603"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5603",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5603"
},
{
"cve": "CVE-2013-5604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5604"
}
],
"notes": [
{
"category": "general",
"text": "The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5604",
"url": "https://www.suse.com/security/cve/CVE-2013-5604"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5604",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5604"
},
{
"cve": "CVE-2013-5609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5609"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5609",
"url": "https://www.suse.com/security/cve/CVE-2013-5609"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5609",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5609"
},
{
"cve": "CVE-2013-5610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5610"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5610",
"url": "https://www.suse.com/security/cve/CVE-2013-5610"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5610",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5610"
},
{
"cve": "CVE-2013-5611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5611"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5611",
"url": "https://www.suse.com/security/cve/CVE-2013-5611"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5611",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-5611"
},
{
"cve": "CVE-2013-5612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5612"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5612",
"url": "https://www.suse.com/security/cve/CVE-2013-5612"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5612",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-5612"
},
{
"cve": "CVE-2013-5613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5613"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5613",
"url": "https://www.suse.com/security/cve/CVE-2013-5613"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5613",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5613"
},
{
"cve": "CVE-2013-5614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5614"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5614",
"url": "https://www.suse.com/security/cve/CVE-2013-5614"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5614",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-5614"
},
{
"cve": "CVE-2013-5615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5615"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5615",
"url": "https://www.suse.com/security/cve/CVE-2013-5615"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5615",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5615"
},
{
"cve": "CVE-2013-5616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5616"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5616",
"url": "https://www.suse.com/security/cve/CVE-2013-5616"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5616",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5616"
},
{
"cve": "CVE-2013-5618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5618"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5618",
"url": "https://www.suse.com/security/cve/CVE-2013-5618"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5618",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5618"
},
{
"cve": "CVE-2013-5619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5619"
}
],
"notes": [
{
"category": "general",
"text": "Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5619",
"url": "https://www.suse.com/security/cve/CVE-2013-5619"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5619",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5619"
},
{
"cve": "CVE-2013-6629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6629"
}
],
"notes": [
{
"category": "general",
"text": "The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6629",
"url": "https://www.suse.com/security/cve/CVE-2013-6629"
},
{
"category": "external",
"summary": "SUSE Bug 850430 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/850430"
},
{
"category": "external",
"summary": "SUSE Bug 873872 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/873872"
},
{
"category": "external",
"summary": "SUSE Bug 873873 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/873873"
},
{
"category": "external",
"summary": "SUSE Bug 877429 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/877429"
},
{
"category": "external",
"summary": "SUSE Bug 877430 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/877430"
},
{
"category": "external",
"summary": "SUSE Bug 880246 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/880246"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6629"
},
{
"cve": "CVE-2013-6630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6630"
}
],
"notes": [
{
"category": "general",
"text": "The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6630",
"url": "https://www.suse.com/security/cve/CVE-2013-6630"
},
{
"category": "external",
"summary": "SUSE Bug 850430 for CVE-2013-6630",
"url": "https://bugzilla.suse.com/850430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6630"
},
{
"cve": "CVE-2013-6671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6671"
}
],
"notes": [
{
"category": "general",
"text": "The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6671",
"url": "https://www.suse.com/security/cve/CVE-2013-6671"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-6671",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-6671"
},
{
"cve": "CVE-2013-6672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6672"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6672",
"url": "https://www.suse.com/security/cve/CVE-2013-6672"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-6672",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6672"
},
{
"cve": "CVE-2013-6673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6673"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user\u0027s removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6673",
"url": "https://www.suse.com/security/cve/CVE-2013-6673"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-6673",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6673"
},
{
"cve": "CVE-2014-1477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1477"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1477",
"url": "https://www.suse.com/security/cve/CVE-2014-1477"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1477",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862345 for CVE-2014-1477",
"url": "https://bugzilla.suse.com/862345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1477"
},
{
"cve": "CVE-2014-1478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1478"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1478",
"url": "https://www.suse.com/security/cve/CVE-2014-1478"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1478",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1478"
},
{
"cve": "CVE-2014-1479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1479"
}
],
"notes": [
{
"category": "general",
"text": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1479",
"url": "https://www.suse.com/security/cve/CVE-2014-1479"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1479",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862348 for CVE-2014-1479",
"url": "https://bugzilla.suse.com/862348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1479"
},
{
"cve": "CVE-2014-1480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1480"
}
],
"notes": [
{
"category": "general",
"text": "The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1480",
"url": "https://www.suse.com/security/cve/CVE-2014-1480"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1480",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1480"
},
{
"cve": "CVE-2014-1481",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1481"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1481",
"url": "https://www.suse.com/security/cve/CVE-2014-1481"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1481",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862309 for CVE-2014-1481",
"url": "https://bugzilla.suse.com/862309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1481"
},
{
"cve": "CVE-2014-1482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1482"
}
],
"notes": [
{
"category": "general",
"text": "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1482",
"url": "https://www.suse.com/security/cve/CVE-2014-1482"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1482",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862356 for CVE-2014-1482",
"url": "https://bugzilla.suse.com/862356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1482"
},
{
"cve": "CVE-2014-1483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1483"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1483",
"url": "https://www.suse.com/security/cve/CVE-2014-1483"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1483",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862360 for CVE-2014-1483",
"url": "https://bugzilla.suse.com/862360"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1483"
},
{
"cve": "CVE-2014-1484",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1484"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1484",
"url": "https://www.suse.com/security/cve/CVE-2014-1484"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1484",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1484"
},
{
"cve": "CVE-2014-1485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1485"
}
],
"notes": [
{
"category": "general",
"text": "The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1485",
"url": "https://www.suse.com/security/cve/CVE-2014-1485"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1485",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1485"
},
{
"cve": "CVE-2014-1486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1486"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1486",
"url": "https://www.suse.com/security/cve/CVE-2014-1486"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1486",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1486"
},
{
"cve": "CVE-2014-1487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1487"
}
],
"notes": [
{
"category": "general",
"text": "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1487",
"url": "https://www.suse.com/security/cve/CVE-2014-1487"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1487",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1487"
},
{
"cve": "CVE-2014-1488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1488"
}
],
"notes": [
{
"category": "general",
"text": "The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1488",
"url": "https://www.suse.com/security/cve/CVE-2014-1488"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1488",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1488"
},
{
"cve": "CVE-2014-1489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1489"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1489",
"url": "https://www.suse.com/security/cve/CVE-2014-1489"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1489",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1489"
},
{
"cve": "CVE-2014-1490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1490"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1490",
"url": "https://www.suse.com/security/cve/CVE-2014-1490"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1490",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862300 for CVE-2014-1490",
"url": "https://bugzilla.suse.com/862300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1490"
},
{
"cve": "CVE-2014-1491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1491"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1491",
"url": "https://www.suse.com/security/cve/CVE-2014-1491"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1491",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862289 for CVE-2014-1491",
"url": "https://bugzilla.suse.com/862289"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1491"
},
{
"cve": "CVE-2014-1492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1492"
}
],
"notes": [
{
"category": "general",
"text": "The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name\u0027s U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1492",
"url": "https://www.suse.com/security/cve/CVE-2014-1492"
},
{
"category": "external",
"summary": "SUSE Bug 869827 for CVE-2014-1492",
"url": "https://bugzilla.suse.com/869827"
},
{
"category": "external",
"summary": "SUSE Bug 926974 for CVE-2014-1492",
"url": "https://bugzilla.suse.com/926974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1492"
},
{
"cve": "CVE-2014-1493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1493"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1493",
"url": "https://www.suse.com/security/cve/CVE-2014-1493"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1493",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1493"
},
{
"cve": "CVE-2014-1494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1494"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1494",
"url": "https://www.suse.com/security/cve/CVE-2014-1494"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1494",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1494"
},
{
"cve": "CVE-2014-1497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1497"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1497",
"url": "https://www.suse.com/security/cve/CVE-2014-1497"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1497",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1497"
},
{
"cve": "CVE-2014-1498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1498"
}
],
"notes": [
{
"category": "general",
"text": "The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1498",
"url": "https://www.suse.com/security/cve/CVE-2014-1498"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1498",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1498"
},
{
"cve": "CVE-2014-1499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1499"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1499",
"url": "https://www.suse.com/security/cve/CVE-2014-1499"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1499",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1499"
},
{
"cve": "CVE-2014-1500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1500"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1500",
"url": "https://www.suse.com/security/cve/CVE-2014-1500"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1500",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1500"
},
{
"cve": "CVE-2014-1502",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1502"
}
],
"notes": [
{
"category": "general",
"text": "The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1502",
"url": "https://www.suse.com/security/cve/CVE-2014-1502"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1502",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1502"
},
{
"cve": "CVE-2014-1504",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1504"
}
],
"notes": [
{
"category": "general",
"text": "The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1504",
"url": "https://www.suse.com/security/cve/CVE-2014-1504"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1504",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1504"
},
{
"cve": "CVE-2014-1505",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1505"
}
],
"notes": [
{
"category": "general",
"text": "The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1505",
"url": "https://www.suse.com/security/cve/CVE-2014-1505"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1505",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1505"
},
{
"cve": "CVE-2014-1508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1508"
}
],
"notes": [
{
"category": "general",
"text": "The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1508",
"url": "https://www.suse.com/security/cve/CVE-2014-1508"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1508",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1508"
},
{
"cve": "CVE-2014-1509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1509"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1509",
"url": "https://www.suse.com/security/cve/CVE-2014-1509"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1509",
"url": "https://bugzilla.suse.com/868603"
},
{
"category": "external",
"summary": "SUSE Bug 869339 for CVE-2014-1509",
"url": "https://bugzilla.suse.com/869339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1509"
},
{
"cve": "CVE-2014-1510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1510"
}
],
"notes": [
{
"category": "general",
"text": "The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1510",
"url": "https://www.suse.com/security/cve/CVE-2014-1510"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1510",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1510"
},
{
"cve": "CVE-2014-1511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1511"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1511",
"url": "https://www.suse.com/security/cve/CVE-2014-1511"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1511",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1511"
},
{
"cve": "CVE-2014-1512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1512"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1512",
"url": "https://www.suse.com/security/cve/CVE-2014-1512"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1512",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1512"
},
{
"cve": "CVE-2014-1513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1513"
}
],
"notes": [
{
"category": "general",
"text": "TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1513",
"url": "https://www.suse.com/security/cve/CVE-2014-1513"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1513",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1513"
},
{
"cve": "CVE-2014-1514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1514"
}
],
"notes": [
{
"category": "general",
"text": "vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1514",
"url": "https://www.suse.com/security/cve/CVE-2014-1514"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1514",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1514"
},
{
"cve": "CVE-2014-1518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1518"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1518",
"url": "https://www.suse.com/security/cve/CVE-2014-1518"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1518",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1518"
},
{
"cve": "CVE-2014-1519",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1519"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1519",
"url": "https://www.suse.com/security/cve/CVE-2014-1519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1519"
},
{
"cve": "CVE-2014-1522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1522"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1522",
"url": "https://www.suse.com/security/cve/CVE-2014-1522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1522"
},
{
"cve": "CVE-2014-1523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1523"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1523",
"url": "https://www.suse.com/security/cve/CVE-2014-1523"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1523",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1523"
},
{
"cve": "CVE-2014-1524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1524"
}
],
"notes": [
{
"category": "general",
"text": "The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1524",
"url": "https://www.suse.com/security/cve/CVE-2014-1524"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1524",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1524"
},
{
"cve": "CVE-2014-1525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1525"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1525",
"url": "https://www.suse.com/security/cve/CVE-2014-1525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1525"
},
{
"cve": "CVE-2014-1526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1526"
}
],
"notes": [
{
"category": "general",
"text": "The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1526",
"url": "https://www.suse.com/security/cve/CVE-2014-1526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1526"
},
{
"cve": "CVE-2014-1528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1528"
}
],
"notes": [
{
"category": "general",
"text": "The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1528",
"url": "https://www.suse.com/security/cve/CVE-2014-1528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1528"
},
{
"cve": "CVE-2014-1529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1529"
}
],
"notes": [
{
"category": "general",
"text": "The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1529",
"url": "https://www.suse.com/security/cve/CVE-2014-1529"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1529",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1529"
},
{
"cve": "CVE-2014-1530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1530"
}
],
"notes": [
{
"category": "general",
"text": "The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1530",
"url": "https://www.suse.com/security/cve/CVE-2014-1530"
},
{
"category": "external",
"summary": "SUSE Bug 875378 for CVE-2014-1530",
"url": "https://bugzilla.suse.com/875378"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1530",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1530"
},
{
"cve": "CVE-2014-1531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1531"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1531",
"url": "https://www.suse.com/security/cve/CVE-2014-1531"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1531",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1531"
},
{
"cve": "CVE-2014-1532",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1532"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1532",
"url": "https://www.suse.com/security/cve/CVE-2014-1532"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1532",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1532"
},
{
"cve": "CVE-2014-1533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1533"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1533",
"url": "https://www.suse.com/security/cve/CVE-2014-1533"
},
{
"category": "external",
"summary": "SUSE Bug 881874 for CVE-2014-1533",
"url": "https://bugzilla.suse.com/881874"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1533"
},
{
"cve": "CVE-2014-1534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1534"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1534",
"url": "https://www.suse.com/security/cve/CVE-2014-1534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1534"
},
{
"cve": "CVE-2014-1536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1536"
}
],
"notes": [
{
"category": "general",
"text": "The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1536",
"url": "https://www.suse.com/security/cve/CVE-2014-1536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1536"
},
{
"cve": "CVE-2014-1537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1537"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1537",
"url": "https://www.suse.com/security/cve/CVE-2014-1537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1537"
},
{
"cve": "CVE-2014-1538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1538"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1538",
"url": "https://www.suse.com/security/cve/CVE-2014-1538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1538"
},
{
"cve": "CVE-2014-1539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1539"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1539",
"url": "https://www.suse.com/security/cve/CVE-2014-1539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1539"
},
{
"cve": "CVE-2014-1540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1540"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1540",
"url": "https://www.suse.com/security/cve/CVE-2014-1540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1540"
},
{
"cve": "CVE-2014-1541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1541"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1541",
"url": "https://www.suse.com/security/cve/CVE-2014-1541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1541"
},
{
"cve": "CVE-2014-1542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1542"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1542",
"url": "https://www.suse.com/security/cve/CVE-2014-1542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1542"
},
{
"cve": "CVE-2014-1543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1543"
}
],
"notes": [
{
"category": "general",
"text": "Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1543",
"url": "https://www.suse.com/security/cve/CVE-2014-1543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1543"
},
{
"cve": "CVE-2014-1544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1544"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1544",
"url": "https://www.suse.com/security/cve/CVE-2014-1544"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1544",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1544"
},
{
"cve": "CVE-2014-1545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1545"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1545",
"url": "https://www.suse.com/security/cve/CVE-2014-1545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1545"
},
{
"cve": "CVE-2014-1547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1547"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1547",
"url": "https://www.suse.com/security/cve/CVE-2014-1547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1547"
},
{
"cve": "CVE-2014-1548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1548"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1548",
"url": "https://www.suse.com/security/cve/CVE-2014-1548"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1548",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1548"
},
{
"cve": "CVE-2014-1549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1549"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1549",
"url": "https://www.suse.com/security/cve/CVE-2014-1549"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1549",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1549"
},
{
"cve": "CVE-2014-1550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1550"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1550",
"url": "https://www.suse.com/security/cve/CVE-2014-1550"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1550",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1550"
},
{
"cve": "CVE-2014-1552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1552"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1552",
"url": "https://www.suse.com/security/cve/CVE-2014-1552"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1552",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1552"
},
{
"cve": "CVE-2014-1553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1553"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1553",
"url": "https://www.suse.com/security/cve/CVE-2014-1553"
},
{
"category": "external",
"summary": "SUSE Bug 894370 for CVE-2014-1553",
"url": "https://bugzilla.suse.com/894370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1553"
},
{
"cve": "CVE-2014-1554",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1554"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1554",
"url": "https://www.suse.com/security/cve/CVE-2014-1554"
},
{
"category": "external",
"summary": "SUSE Bug 894370 for CVE-2014-1554",
"url": "https://bugzilla.suse.com/894370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1554"
},
{
"cve": "CVE-2014-1555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1555"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1555",
"url": "https://www.suse.com/security/cve/CVE-2014-1555"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1555",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1555"
},
{
"cve": "CVE-2014-1556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1556"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1556",
"url": "https://www.suse.com/security/cve/CVE-2014-1556"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1556",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1556"
},
{
"cve": "CVE-2014-1557",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1557"
}
],
"notes": [
{
"category": "general",
"text": "The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1557",
"url": "https://www.suse.com/security/cve/CVE-2014-1557"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1557",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1557"
},
{
"cve": "CVE-2014-1558",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1558"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1558",
"url": "https://www.suse.com/security/cve/CVE-2014-1558"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1558",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1558"
},
{
"cve": "CVE-2014-1559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1559"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1559",
"url": "https://www.suse.com/security/cve/CVE-2014-1559"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1559",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1559"
},
{
"cve": "CVE-2014-1560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1560"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1560",
"url": "https://www.suse.com/security/cve/CVE-2014-1560"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1560",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1560"
},
{
"cve": "CVE-2014-1561",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1561"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1561",
"url": "https://www.suse.com/security/cve/CVE-2014-1561"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1561",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1561"
},
{
"cve": "CVE-2014-1562",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1562"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1562",
"url": "https://www.suse.com/security/cve/CVE-2014-1562"
},
{
"category": "external",
"summary": "SUSE Bug 894370 for CVE-2014-1562",
"url": "https://bugzilla.suse.com/894370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1562"
},
{
"cve": "CVE-2014-1563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1563"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1563",
"url": "https://www.suse.com/security/cve/CVE-2014-1563"
},
{
"category": "external",
"summary": "SUSE Bug 894370 for CVE-2014-1563",
"url": "https://bugzilla.suse.com/894370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1563"
},
{
"cve": "CVE-2014-1564",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1564"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated with a malformed GIF image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1564",
"url": "https://www.suse.com/security/cve/CVE-2014-1564"
},
{
"category": "external",
"summary": "SUSE Bug 894370 for CVE-2014-1564",
"url": "https://bugzilla.suse.com/894370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1564"
},
{
"cve": "CVE-2014-1565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1565"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1565",
"url": "https://www.suse.com/security/cve/CVE-2014-1565"
},
{
"category": "external",
"summary": "SUSE Bug 894370 for CVE-2014-1565",
"url": "https://bugzilla.suse.com/894370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1565"
},
{
"cve": "CVE-2014-1567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1567"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1567",
"url": "https://www.suse.com/security/cve/CVE-2014-1567"
},
{
"category": "external",
"summary": "SUSE Bug 894370 for CVE-2014-1567",
"url": "https://bugzilla.suse.com/894370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1567"
},
{
"cve": "CVE-2014-1574",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1574"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1574",
"url": "https://www.suse.com/security/cve/CVE-2014-1574"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1574",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1574"
},
{
"cve": "CVE-2014-1575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1575"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between threading and garbage collection in the GCRuntime::triggerGC function in js/src/jsgc.cpp, and unknown other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1575",
"url": "https://www.suse.com/security/cve/CVE-2014-1575"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1575",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1575"
},
{
"cve": "CVE-2014-1576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1576"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization style.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1576",
"url": "https://www.suse.com/security/cve/CVE-2014-1576"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1576",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1576"
},
{
"cve": "CVE-2014-1577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1577"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via an invalid custom waveform that triggers a calculation of a negative frequency value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1577",
"url": "https://www.suse.com/security/cve/CVE-2014-1577"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1577",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1577"
},
{
"cve": "CVE-2014-1578",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1578"
}
],
"notes": [
{
"category": "general",
"text": "The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1578",
"url": "https://www.suse.com/security/cve/CVE-2014-1578"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1578",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1578"
},
{
"cve": "CVE-2014-1580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1580"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1580",
"url": "https://www.suse.com/security/cve/CVE-2014-1580"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1580",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1580"
},
{
"cve": "CVE-2014-1581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1581"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1581",
"url": "https://www.suse.com/security/cve/CVE-2014-1581"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1581",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1581"
},
{
"cve": "CVE-2014-1582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1582"
}
],
"notes": [
{
"category": "general",
"text": "The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 does not properly consider the connection-coalescing behavior of SPDY and HTTP/2 in the case of a shared IP address, which allows man-in-the-middle attackers to bypass an intended pinning configuration and spoof a web site by providing a valid certificate from an arbitrary recognized Certification Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1582",
"url": "https://www.suse.com/security/cve/CVE-2014-1582"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1582",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1582"
},
{
"cve": "CVE-2014-1583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1583"
}
],
"notes": [
{
"category": "general",
"text": "The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1583",
"url": "https://www.suse.com/security/cve/CVE-2014-1583"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1583",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1583"
},
{
"cve": "CVE-2014-1584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1584"
}
],
"notes": [
{
"category": "general",
"text": "The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 skips pinning checks upon an unspecified issuer-verification error, which makes it easier for remote attackers to bypass an intended pinning configuration and spoof a web site via a crafted certificate that leads to presentation of the Untrusted Connection dialog to the user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1584",
"url": "https://www.suse.com/security/cve/CVE-2014-1584"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1584",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1584"
},
{
"cve": "CVE-2014-1585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1585"
}
],
"notes": [
{
"category": "general",
"text": "The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain sensitive information from the local camera by maintaining a session after the user tries to discontinue streaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1585",
"url": "https://www.suse.com/security/cve/CVE-2014-1585"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1585",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1585"
},
{
"cve": "CVE-2014-1586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1586"
}
],
"notes": [
{
"category": "general",
"text": "content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1586",
"url": "https://www.suse.com/security/cve/CVE-2014-1586"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1586",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1586"
},
{
"cve": "CVE-2014-1587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1587"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1587",
"url": "https://www.suse.com/security/cve/CVE-2014-1587"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1587",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1587"
},
{
"cve": "CVE-2014-1588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1588"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1588",
"url": "https://www.suse.com/security/cve/CVE-2014-1588"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1588",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1588"
},
{
"cve": "CVE-2014-1589",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1589"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1589",
"url": "https://www.suse.com/security/cve/CVE-2014-1589"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1589",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1589"
},
{
"cve": "CVE-2014-1590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1590"
}
],
"notes": [
{
"category": "general",
"text": "The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service (application crash) via a crafted JavaScript object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1590",
"url": "https://www.suse.com/security/cve/CVE-2014-1590"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1590",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1590"
},
{
"cve": "CVE-2014-1591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1591"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after a redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1591",
"url": "https://www.suse.com/security/cve/CVE-2014-1591"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1591",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1591"
},
{
"cve": "CVE-2014-1592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1592"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code by adding a second root element to an HTML5 document during parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1592",
"url": "https://www.suse.com/security/cve/CVE-2014-1592"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1592",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1592"
},
{
"cve": "CVE-2014-1593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1593"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1593",
"url": "https://www.suse.com/security/cve/CVE-2014-1593"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1593",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1593"
},
{
"cve": "CVE-2014-1594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1594"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1594",
"url": "https://www.suse.com/security/cve/CVE-2014-1594"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1594",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1594"
},
{
"cve": "CVE-2014-8634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8634"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8634",
"url": "https://www.suse.com/security/cve/CVE-2014-8634"
},
{
"category": "external",
"summary": "SUSE Bug 913064 for CVE-2014-8634",
"url": "https://bugzilla.suse.com/913064"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8634",
"url": "https://bugzilla.suse.com/913096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8634"
},
{
"cve": "CVE-2014-8635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8635"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8635",
"url": "https://www.suse.com/security/cve/CVE-2014-8635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8635"
},
{
"cve": "CVE-2014-8636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8636"
}
],
"notes": [
{
"category": "general",
"text": "The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8636",
"url": "https://www.suse.com/security/cve/CVE-2014-8636"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8636",
"url": "https://bugzilla.suse.com/913096"
},
{
"category": "external",
"summary": "SUSE Bug 913102 for CVE-2014-8636",
"url": "https://bugzilla.suse.com/913102"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8636"
},
{
"cve": "CVE-2014-8637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8637"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8637",
"url": "https://www.suse.com/security/cve/CVE-2014-8637"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8637",
"url": "https://bugzilla.suse.com/913096"
},
{
"category": "external",
"summary": "SUSE Bug 913103 for CVE-2014-8637",
"url": "https://bugzilla.suse.com/913103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8637"
},
{
"cve": "CVE-2014-8638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8638"
}
],
"notes": [
{
"category": "general",
"text": "The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8638",
"url": "https://www.suse.com/security/cve/CVE-2014-8638"
},
{
"category": "external",
"summary": "SUSE Bug 913068 for CVE-2014-8638",
"url": "https://bugzilla.suse.com/913068"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8638",
"url": "https://bugzilla.suse.com/913096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8638"
},
{
"cve": "CVE-2014-8639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8639"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows remote HTTP proxy servers to conduct session fixation attacks by providing a cookie name that corresponds to the session cookie of the origin server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8639",
"url": "https://www.suse.com/security/cve/CVE-2014-8639"
},
{
"category": "external",
"summary": "SUSE Bug 913066 for CVE-2014-8639",
"url": "https://bugzilla.suse.com/913066"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8639",
"url": "https://bugzilla.suse.com/913096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8639"
},
{
"cve": "CVE-2014-8640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8640"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8640",
"url": "https://www.suse.com/security/cve/CVE-2014-8640"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8640",
"url": "https://bugzilla.suse.com/913096"
},
{
"category": "external",
"summary": "SUSE Bug 913104 for CVE-2014-8640",
"url": "https://bugzilla.suse.com/913104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8640"
},
{
"cve": "CVE-2014-8641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8641"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8641",
"url": "https://www.suse.com/security/cve/CVE-2014-8641"
},
{
"category": "external",
"summary": "SUSE Bug 913067 for CVE-2014-8641",
"url": "https://bugzilla.suse.com/913067"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8641",
"url": "https://bugzilla.suse.com/913096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8641"
},
{
"cve": "CVE-2014-8642",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8642"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during a session in which there was an incorrect decision to accept a compromised and revoked certificate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8642",
"url": "https://www.suse.com/security/cve/CVE-2014-8642"
},
{
"category": "external",
"summary": "SUSE Bug 913222 for CVE-2014-8642",
"url": "https://bugzilla.suse.com/913222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8642"
},
{
"cve": "CVE-2014-8643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8643"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 35.0 on Windows allows remote attackers to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the OpenH264 plugin\u0027s process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8643",
"url": "https://www.suse.com/security/cve/CVE-2014-8643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8643"
},
{
"cve": "CVE-2015-0798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0798"
}
],
"notes": [
{
"category": "general",
"text": "The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, and Desktop Firefox pre-release, does not properly handle privileged URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0798",
"url": "https://www.suse.com/security/cve/CVE-2015-0798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-0798"
},
{
"cve": "CVE-2015-0799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0799"
}
],
"notes": [
{
"category": "general",
"text": "The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0799",
"url": "https://www.suse.com/security/cve/CVE-2015-0799"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0799",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 926166 for CVE-2015-0799",
"url": "https://bugzilla.suse.com/926166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0799"
},
{
"cve": "CVE-2015-0800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0800"
}
],
"notes": [
{
"category": "general",
"text": "The PRNG implementation in the DNS resolver in Mozilla Firefox (aka Fennec) before 37.0 on Android does not properly generate random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to CVE-2012-2808.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0800",
"url": "https://www.suse.com/security/cve/CVE-2015-0800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-0800"
},
{
"cve": "CVE-2015-0801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0801"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0801",
"url": "https://www.suse.com/security/cve/CVE-2015-0801"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0801",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925401 for CVE-2015-0801",
"url": "https://bugzilla.suse.com/925401"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0801"
},
{
"cve": "CVE-2015-0802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0802"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0802",
"url": "https://www.suse.com/security/cve/CVE-2015-0802"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0802",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925402 for CVE-2015-0802",
"url": "https://bugzilla.suse.com/925402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-0802"
},
{
"cve": "CVE-2015-0803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0803"
}
],
"notes": [
{
"category": "general",
"text": "The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0 does not properly constrain the original data type of a casted value during the setting of a SOURCE element\u0027s attributes, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0803",
"url": "https://www.suse.com/security/cve/CVE-2015-0803"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0803",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925400 for CVE-2015-0803",
"url": "https://bugzilla.suse.com/925400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0803"
},
{
"cve": "CVE-2015-0804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0804"
}
],
"notes": [
{
"category": "general",
"text": "The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document containing a SOURCE element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0804",
"url": "https://www.suse.com/security/cve/CVE-2015-0804"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0804",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925400 for CVE-2015-0804",
"url": "https://bugzilla.suse.com/925400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0804"
},
{
"cve": "CVE-2015-0805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0805"
}
],
"notes": [
{
"category": "general",
"text": "The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors that trigger rendering of 2D graphics content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0805",
"url": "https://www.suse.com/security/cve/CVE-2015-0805"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0805",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925399 for CVE-2015-0805",
"url": "https://bugzilla.suse.com/925399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0805"
},
{
"cve": "CVE-2015-0806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0806"
}
],
"notes": [
{
"category": "general",
"text": "The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors that trigger rendering of 2D graphics content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0806",
"url": "https://www.suse.com/security/cve/CVE-2015-0806"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0806",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925399 for CVE-2015-0806",
"url": "https://bugzilla.suse.com/925399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0806"
},
{
"cve": "CVE-2015-0807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0807"
}
],
"notes": [
{
"category": "general",
"text": "The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site, a similar issue to CVE-2014-8638.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0807",
"url": "https://www.suse.com/security/cve/CVE-2015-0807"
},
{
"category": "external",
"summary": "SUSE Bug 913068 for CVE-2015-0807",
"url": "https://bugzilla.suse.com/913068"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0807",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925398 for CVE-2015-0807",
"url": "https://bugzilla.suse.com/925398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0807"
},
{
"cve": "CVE-2015-0808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0808"
}
],
"notes": [
{
"category": "general",
"text": "The webrtc::VPMContentAnalysis::Release function in the WebRTC implementation in Mozilla Firefox before 37.0 uses incompatible approaches to the deallocation of memory for simple-type arrays, which might allow remote attackers to cause a denial of service (memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0808",
"url": "https://www.suse.com/security/cve/CVE-2015-0808"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0808",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925397 for CVE-2015-0808",
"url": "https://bugzilla.suse.com/925397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-0808"
},
{
"cve": "CVE-2015-0810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0810"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote attackers to conduct clickjacking attacks via a Flash object in conjunction with DIV elements associated with layered presentation, and crafted JavaScript code that interacts with an IMG element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0810",
"url": "https://www.suse.com/security/cve/CVE-2015-0810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-0810"
},
{
"cve": "CVE-2015-0811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0811"
}
],
"notes": [
{
"category": "general",
"text": "The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0811",
"url": "https://www.suse.com/security/cve/CVE-2015-0811"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0811",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925396 for CVE-2015-0811",
"url": "https://bugzilla.suse.com/925396"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-0811"
},
{
"cve": "CVE-2015-0812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0812"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0812",
"url": "https://www.suse.com/security/cve/CVE-2015-0812"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0812",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925394 for CVE-2015-0812",
"url": "https://bugzilla.suse.com/925394"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-0812"
},
{
"cve": "CVE-2015-0813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0813"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0813",
"url": "https://www.suse.com/security/cve/CVE-2015-0813"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0813",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925393 for CVE-2015-0813",
"url": "https://bugzilla.suse.com/925393"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0813"
},
{
"cve": "CVE-2015-0814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0814"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0814",
"url": "https://www.suse.com/security/cve/CVE-2015-0814"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0814",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925392 for CVE-2015-0814",
"url": "https://bugzilla.suse.com/925392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0814"
},
{
"cve": "CVE-2015-0815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0815"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0815",
"url": "https://www.suse.com/security/cve/CVE-2015-0815"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0815",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925392 for CVE-2015-0815",
"url": "https://bugzilla.suse.com/925392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0815"
},
{
"cve": "CVE-2015-0816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0816"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as demonstrated by the resource: URL associated with PDF.js.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0816",
"url": "https://www.suse.com/security/cve/CVE-2015-0816"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0816",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925395 for CVE-2015-0816",
"url": "https://bugzilla.suse.com/925395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0816"
},
{
"cve": "CVE-2015-0817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0817"
}
],
"notes": [
{
"category": "general",
"text": "The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0817",
"url": "https://www.suse.com/security/cve/CVE-2015-0817"
},
{
"category": "external",
"summary": "SUSE Bug 923495 for CVE-2015-0817",
"url": "https://bugzilla.suse.com/923495"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0817",
"url": "https://bugzilla.suse.com/923534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0817"
},
{
"cve": "CVE-2015-0818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0818"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0818",
"url": "https://www.suse.com/security/cve/CVE-2015-0818"
},
{
"category": "external",
"summary": "SUSE Bug 923495 for CVE-2015-0818",
"url": "https://bugzilla.suse.com/923495"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0818",
"url": "https://bugzilla.suse.com/923534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0818"
},
{
"cve": "CVE-2015-0819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0819"
}
],
"notes": [
{
"category": "general",
"text": "The UITour::onPageEvent function in Mozilla Firefox before 36.0 does not ensure that an API call originates from a foreground tab, which allows remote attackers to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0819",
"url": "https://www.suse.com/security/cve/CVE-2015-0819"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0819",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0819"
},
{
"cve": "CVE-2015-0820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0820"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0820",
"url": "https://www.suse.com/security/cve/CVE-2015-0820"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0820",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0820"
},
{
"cve": "CVE-2015-0821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0821"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 36.0 allows user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0821",
"url": "https://www.suse.com/security/cve/CVE-2015-0821"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0821",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0821"
},
{
"cve": "CVE-2015-0822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0822"
}
],
"notes": [
{
"category": "general",
"text": "The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0822",
"url": "https://www.suse.com/security/cve/CVE-2015-0822"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0822",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0822",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0822",
"url": "https://bugzilla.suse.com/923534"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0822",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0822"
},
{
"cve": "CVE-2015-0823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0823"
}
],
"notes": [
{
"category": "general",
"text": "Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox before 36.0, might allow remote attackers to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, related to the ots::ots_gasp_parse function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0823",
"url": "https://www.suse.com/security/cve/CVE-2015-0823"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0823",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0823"
},
{
"cve": "CVE-2015-0824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0824"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 36.0 allows remote attackers to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger use of DrawTarget and the Cairo library for image drawing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0824",
"url": "https://www.suse.com/security/cve/CVE-2015-0824"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0824",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0824"
},
{
"cve": "CVE-2015-0825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0825"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox before 36.0 allows remote attackers to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts with memory allocation during playback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0825",
"url": "https://www.suse.com/security/cve/CVE-2015-0825"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0825",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0825"
},
{
"cve": "CVE-2015-0826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0826"
}
],
"notes": [
{
"category": "general",
"text": "The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0826",
"url": "https://www.suse.com/security/cve/CVE-2015-0826"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0826",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0826"
},
{
"cve": "CVE-2015-0827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0827"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0827",
"url": "https://www.suse.com/security/cve/CVE-2015-0827"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0827",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0827",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0827",
"url": "https://bugzilla.suse.com/923534"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0827",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0827"
},
{
"cve": "CVE-2015-0828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0828"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0828",
"url": "https://www.suse.com/security/cve/CVE-2015-0828"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0828",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0828"
},
{
"cve": "CVE-2015-0829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0829"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0829",
"url": "https://www.suse.com/security/cve/CVE-2015-0829"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0829",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0829"
},
{
"cve": "CVE-2015-0830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0830"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL implementation in Mozilla Firefox before 36.0 does not properly allocate memory for copying an unspecified string to a shader\u0027s compilation log, which allows remote attackers to cause a denial of service (application crash) via crafted WebGL content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0830",
"url": "https://www.suse.com/security/cve/CVE-2015-0830"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0830",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0830"
},
{
"cve": "CVE-2015-0831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0831"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0831",
"url": "https://www.suse.com/security/cve/CVE-2015-0831"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0831",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0831",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0831",
"url": "https://bugzilla.suse.com/923534"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0831",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0831"
},
{
"cve": "CVE-2015-0832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0832"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle attackers to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and leveraging access to an X.509 certificate for a domain with this character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0832",
"url": "https://www.suse.com/security/cve/CVE-2015-0832"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0832",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0832"
},
{
"cve": "CVE-2015-0833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0833"
}
],
"notes": [
{
"category": "general",
"text": "Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 on Windows, when the Maintenance Service is not used, allow local users to gain privileges via a Trojan horse DLL in (1) the current working directory or (2) a temporary directory, as demonstrated by bcrypt.dll.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0833",
"url": "https://www.suse.com/security/cve/CVE-2015-0833"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0833",
"url": "https://bugzilla.suse.com/923534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-0833"
},
{
"cve": "CVE-2015-0834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0834"
}
],
"notes": [
{
"category": "general",
"text": "The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to discover credentials by spoofing a server and completing a brute-force attack within a short time window.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0834",
"url": "https://www.suse.com/security/cve/CVE-2015-0834"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0834",
"url": "https://bugzilla.suse.com/917597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0834"
},
{
"cve": "CVE-2015-0835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0835"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0835",
"url": "https://www.suse.com/security/cve/CVE-2015-0835"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0835",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0835",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0835",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0835"
},
{
"cve": "CVE-2015-0836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0836"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0836",
"url": "https://www.suse.com/security/cve/CVE-2015-0836"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0836",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0836",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0836",
"url": "https://bugzilla.suse.com/923534"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0836",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0836"
},
{
"cve": "CVE-2015-2706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2706"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2706",
"url": "https://www.suse.com/security/cve/CVE-2015-2706"
},
{
"category": "external",
"summary": "SUSE Bug 928116 for CVE-2015-2706",
"url": "https://bugzilla.suse.com/928116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-2706"
},
{
"cve": "CVE-2015-2708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2708"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2708",
"url": "https://www.suse.com/security/cve/CVE-2015-2708"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2708",
"url": "https://bugzilla.suse.com/930622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2708"
},
{
"cve": "CVE-2015-2709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2709"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2709",
"url": "https://www.suse.com/security/cve/CVE-2015-2709"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2709",
"url": "https://bugzilla.suse.com/930622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2709"
},
{
"cve": "CVE-2015-2710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2710"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2710",
"url": "https://www.suse.com/security/cve/CVE-2015-2710"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2710",
"url": "https://bugzilla.suse.com/930622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2710"
},
{
"cve": "CVE-2015-2711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2711"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 38.0 does not recognize a referrer policy delivered by a referrer META element in cases of context-menu navigation and middle-click navigation, which allows remote attackers to obtain sensitive information by reading web-server Referer logs that contain private data in a URL, as demonstrated by a private path component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2711",
"url": "https://www.suse.com/security/cve/CVE-2015-2711"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2711",
"url": "https://bugzilla.suse.com/930622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2711"
},
{
"cve": "CVE-2015-2712",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2712"
}
],
"notes": [
{
"category": "general",
"text": "The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger out-of-bounds read operations and possibly obtain sensitive information from process memory, via crafted JavaScript.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2712",
"url": "https://www.suse.com/security/cve/CVE-2015-2712"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2712",
"url": "https://bugzilla.suse.com/930622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2712"
},
{
"cve": "CVE-2015-2713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2713"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2713",
"url": "https://www.suse.com/security/cve/CVE-2015-2713"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2713",
"url": "https://bugzilla.suse.com/930622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2713"
},
{
"cve": "CVE-2015-2715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2715"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) by leveraging improper Media Decoder Thread creation at the time of a shutdown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2715",
"url": "https://www.suse.com/security/cve/CVE-2015-2715"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2715",
"url": "https://bugzilla.suse.com/930622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2715"
},
{
"cve": "CVE-2015-2716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2716"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2716",
"url": "https://www.suse.com/security/cve/CVE-2015-2716"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2716",
"url": "https://bugzilla.suse.com/930622"
},
{
"category": "external",
"summary": "SUSE Bug 939077 for CVE-2015-2716",
"url": "https://bugzilla.suse.com/939077"
},
{
"category": "external",
"summary": "SUSE Bug 980391 for CVE-2015-2716",
"url": "https://bugzilla.suse.com/980391"
},
{
"category": "external",
"summary": "SUSE Bug 983985 for CVE-2015-2716",
"url": "https://bugzilla.suse.com/983985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2716"
},
{
"cve": "CVE-2015-2717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2717"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and out-of-bounds read) via an MP4 video file containing invalid metadata.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2717",
"url": "https://www.suse.com/security/cve/CVE-2015-2717"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2717",
"url": "https://bugzilla.suse.com/930622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2717"
},
{
"cve": "CVE-2015-2718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2718"
}
],
"notes": [
{
"category": "general",
"text": "The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive webchannel-response data via a crafted web site containing an IFRAME element referencing a different web site that is intended to read this data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2718",
"url": "https://www.suse.com/security/cve/CVE-2015-2718"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2718",
"url": "https://bugzilla.suse.com/930622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2718"
},
{
"cve": "CVE-2015-2721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2721"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a \"SMACK SKIP-TLS\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2721",
"url": "https://www.suse.com/security/cve/CVE-2015-2721"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2721",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2721"
},
{
"cve": "CVE-2015-2722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2722"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2722",
"url": "https://www.suse.com/security/cve/CVE-2015-2722"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2722",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2722"
},
{
"cve": "CVE-2015-2724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2724"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2724",
"url": "https://www.suse.com/security/cve/CVE-2015-2724"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2724",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2724"
},
{
"cve": "CVE-2015-2725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2725"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2725",
"url": "https://www.suse.com/security/cve/CVE-2015-2725"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2725",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2725"
},
{
"cve": "CVE-2015-2726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2726"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2726",
"url": "https://www.suse.com/security/cve/CVE-2015-2726"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2726",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2726"
},
{
"cve": "CVE-2015-2727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2727"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a CVE-2015-0821 regression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2727",
"url": "https://www.suse.com/security/cve/CVE-2015-2727"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2727",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2727"
},
{
"cve": "CVE-2015-2728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2728"
}
],
"notes": [
{
"category": "general",
"text": "The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors, related to a \"type confusion\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2728",
"url": "https://www.suse.com/security/cve/CVE-2015-2728"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2728",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2728"
},
{
"cve": "CVE-2015-2729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2729"
}
],
"notes": [
{
"category": "general",
"text": "The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2729",
"url": "https://www.suse.com/security/cve/CVE-2015-2729"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2729",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2729"
},
{
"cve": "CVE-2015-2730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2730"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2730",
"url": "https://www.suse.com/security/cve/CVE-2015-2730"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2730",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2730"
},
{
"cve": "CVE-2015-2731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2731"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2731",
"url": "https://www.suse.com/security/cve/CVE-2015-2731"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2731",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2731"
},
{
"cve": "CVE-2015-2733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2733"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a dedicated worker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2733",
"url": "https://www.suse.com/security/cve/CVE-2015-2733"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2733",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2733"
},
{
"cve": "CVE-2015-2734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2734"
}
],
"notes": [
{
"category": "general",
"text": "The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2734",
"url": "https://www.suse.com/security/cve/CVE-2015-2734"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2734",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2734"
},
{
"cve": "CVE-2015-2735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2735"
}
],
"notes": [
{
"category": "general",
"text": "nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2735",
"url": "https://www.suse.com/security/cve/CVE-2015-2735"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2735",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2735"
},
{
"cve": "CVE-2015-2736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2736"
}
],
"notes": [
{
"category": "general",
"text": "The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2736",
"url": "https://www.suse.com/security/cve/CVE-2015-2736"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2736",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2736"
},
{
"cve": "CVE-2015-2737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2737"
}
],
"notes": [
{
"category": "general",
"text": "The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2737",
"url": "https://www.suse.com/security/cve/CVE-2015-2737"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2737",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2737"
},
{
"cve": "CVE-2015-2738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2738"
}
],
"notes": [
{
"category": "general",
"text": "The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2738",
"url": "https://www.suse.com/security/cve/CVE-2015-2738"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2738",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2738"
},
{
"cve": "CVE-2015-2739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2739"
}
],
"notes": [
{
"category": "general",
"text": "The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2739",
"url": "https://www.suse.com/security/cve/CVE-2015-2739"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2739",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2739"
},
{
"cve": "CVE-2015-2740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2740"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2740",
"url": "https://www.suse.com/security/cve/CVE-2015-2740"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2740",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2740"
},
{
"cve": "CVE-2015-2741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2741"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dialog, which allows user-assisted man-in-the-middle attackers to bypass intended access restrictions by triggering a (1) expired certificate or (2) mismatched hostname for a domain with pinning enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2741",
"url": "https://www.suse.com/security/cve/CVE-2015-2741"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2741",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2741"
},
{
"cve": "CVE-2015-2742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2742"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of crashes, which allows remote attackers to obtain sensitive information by leveraging access to a crash-reporting data stream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2742",
"url": "https://www.suse.com/security/cve/CVE-2015-2742"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2742",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2742"
},
{
"cve": "CVE-2015-2743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2743"
}
],
"notes": [
{
"category": "general",
"text": "PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2743",
"url": "https://www.suse.com/security/cve/CVE-2015-2743"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2743",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2743"
},
{
"cve": "CVE-2015-4000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4000"
}
],
"notes": [
{
"category": "general",
"text": "The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4000",
"url": "https://www.suse.com/security/cve/CVE-2015-4000"
},
{
"category": "external",
"summary": "SUSE Bug 1074631 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/1074631"
},
{
"category": "external",
"summary": "SUSE Bug 1211968 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/1211968"
},
{
"category": "external",
"summary": "SUSE Bug 931600 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931600"
},
{
"category": "external",
"summary": "SUSE Bug 931698 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931698"
},
{
"category": "external",
"summary": "SUSE Bug 931723 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931723"
},
{
"category": "external",
"summary": "SUSE Bug 931845 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931845"
},
{
"category": "external",
"summary": "SUSE Bug 932026 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/932026"
},
{
"category": "external",
"summary": "SUSE Bug 932483 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/932483"
},
{
"category": "external",
"summary": "SUSE Bug 934789 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/934789"
},
{
"category": "external",
"summary": "SUSE Bug 935033 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/935033"
},
{
"category": "external",
"summary": "SUSE Bug 935540 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/935540"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/935979"
},
{
"category": "external",
"summary": "SUSE Bug 937202 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/937202"
},
{
"category": "external",
"summary": "SUSE Bug 937766 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/937766"
},
{
"category": "external",
"summary": "SUSE Bug 938248 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938248"
},
{
"category": "external",
"summary": "SUSE Bug 938432 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938432"
},
{
"category": "external",
"summary": "SUSE Bug 938895 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938895"
},
{
"category": "external",
"summary": "SUSE Bug 938905 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938905"
},
{
"category": "external",
"summary": "SUSE Bug 938906 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938906"
},
{
"category": "external",
"summary": "SUSE Bug 938913 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938913"
},
{
"category": "external",
"summary": "SUSE Bug 938945 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938945"
},
{
"category": "external",
"summary": "SUSE Bug 943664 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/943664"
},
{
"category": "external",
"summary": "SUSE Bug 944729 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/944729"
},
{
"category": "external",
"summary": "SUSE Bug 945582 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/945582"
},
{
"category": "external",
"summary": "SUSE Bug 955589 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/955589"
},
{
"category": "external",
"summary": "SUSE Bug 980406 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/980406"
},
{
"category": "external",
"summary": "SUSE Bug 990592 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/990592"
},
{
"category": "external",
"summary": "SUSE Bug 994144 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/994144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4000"
},
{
"cve": "CVE-2015-4473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4473"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4473",
"url": "https://www.suse.com/security/cve/CVE-2015-4473"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4473",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4473"
},
{
"cve": "CVE-2015-4474",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4474"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4474",
"url": "https://www.suse.com/security/cve/CVE-2015-4474"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4474",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4474"
},
{
"cve": "CVE-2015-4475",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4475"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4475",
"url": "https://www.suse.com/security/cve/CVE-2015-4475"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4475",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4475"
},
{
"cve": "CVE-2015-4476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4476"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 41.0 on Android allows user-assisted remote attackers to spoof address-bar attributes by leveraging lack of navigation after a paste of a URL with a nonstandard scheme, as demonstrated by spoofing an SSL attribute.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4476",
"url": "https://www.suse.com/security/cve/CVE-2015-4476"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4476",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4476"
},
{
"cve": "CVE-2015-4477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4477"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4477",
"url": "https://www.suse.com/security/cve/CVE-2015-4477"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4477",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4477"
},
{
"cve": "CVE-2015-4478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4478"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin Policy via the reviver parameter to the JSON.parse method.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4478",
"url": "https://www.suse.com/security/cve/CVE-2015-4478"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4478",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4478"
},
{
"cve": "CVE-2015-4479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4479"
}
],
"notes": [
{
"category": "general",
"text": "Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4479",
"url": "https://www.suse.com/security/cve/CVE-2015-4479"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4479",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4479"
},
{
"cve": "CVE-2015-4480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4480"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4480",
"url": "https://www.suse.com/security/cve/CVE-2015-4480"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4480",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4480"
},
{
"cve": "CVE-2015-4481",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4481"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4481",
"url": "https://www.suse.com/security/cve/CVE-2015-4481"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4481",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2015-4481"
},
{
"cve": "CVE-2015-4482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4482"
}
],
"notes": [
{
"category": "general",
"text": "mar_read.c in the Updater in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows local users to gain privileges or cause a denial of service (out-of-bounds write) via a crafted name of a Mozilla Archive (aka MAR) file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4482",
"url": "https://www.suse.com/security/cve/CVE-2015-4482"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4482",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4482"
},
{
"cve": "CVE-2015-4483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4483"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 40.0 allows man-in-the-middle attackers to bypass a mixed-content protection mechanism via a feed: URL in a POST request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4483",
"url": "https://www.suse.com/security/cve/CVE-2015-4483"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4483",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4483"
},
{
"cve": "CVE-2015-4484",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4484"
}
],
"notes": [
{
"category": "general",
"text": "The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service (application crash) by leveraging the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuffer object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4484",
"url": "https://www.suse.com/security/cve/CVE-2015-4484"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4484",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4484"
},
{
"cve": "CVE-2015-4485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4485"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4485",
"url": "https://www.suse.com/security/cve/CVE-2015-4485"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4485",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4485"
},
{
"cve": "CVE-2015-4486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4486"
}
],
"notes": [
{
"category": "general",
"text": "The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4486",
"url": "https://www.suse.com/security/cve/CVE-2015-4486"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4486",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4486"
},
{
"cve": "CVE-2015-4487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4487"
}
],
"notes": [
{
"category": "general",
"text": "The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, related to an \"overflow.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4487",
"url": "https://www.suse.com/security/cve/CVE-2015-4487"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4487",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4487"
},
{
"cve": "CVE-2015-4488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4488"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4488",
"url": "https://www.suse.com/security/cve/CVE-2015-4488"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4488",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4488"
},
{
"cve": "CVE-2015-4489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4489"
}
],
"notes": [
{
"category": "general",
"text": "The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4489",
"url": "https://www.suse.com/security/cve/CVE-2015-4489"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4489",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4489"
},
{
"cve": "CVE-2015-4490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4490"
}
],
"notes": [
{
"category": "general",
"text": "The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp in Mozilla Firefox before 40.0 does not implement the Content Security Policy Level 2 exceptions for the blob, data, and filesystem URL schemes during wildcard source-expression matching, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging unexpected policy-enforcement behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4490",
"url": "https://www.suse.com/security/cve/CVE-2015-4490"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4490",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4490"
},
{
"cve": "CVE-2015-4491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4491"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4491",
"url": "https://www.suse.com/security/cve/CVE-2015-4491"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4491",
"url": "https://bugzilla.suse.com/940806"
},
{
"category": "external",
"summary": "SUSE Bug 942801 for CVE-2015-4491",
"url": "https://bugzilla.suse.com/942801"
},
{
"category": "external",
"summary": "SUSE Bug 948790 for CVE-2015-4491",
"url": "https://bugzilla.suse.com/948790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4491"
},
{
"cve": "CVE-2015-4492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4492"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4492",
"url": "https://www.suse.com/security/cve/CVE-2015-4492"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4492",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4492"
},
{
"cve": "CVE-2015-4493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4493"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to CVE-2015-1539.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4493",
"url": "https://www.suse.com/security/cve/CVE-2015-4493"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4493",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4493"
},
{
"cve": "CVE-2015-4495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4495"
}
],
"notes": [
{
"category": "general",
"text": "The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4495",
"url": "https://www.suse.com/security/cve/CVE-2015-4495"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4495",
"url": "https://bugzilla.suse.com/940806"
},
{
"category": "external",
"summary": "SUSE Bug 940918 for CVE-2015-4495",
"url": "https://bugzilla.suse.com/940918"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4495"
},
{
"cve": "CVE-2015-4497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4497"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4497",
"url": "https://www.suse.com/security/cve/CVE-2015-4497"
},
{
"category": "external",
"summary": "SUSE Bug 943550 for CVE-2015-4497",
"url": "https://bugzilla.suse.com/943550"
},
{
"category": "external",
"summary": "SUSE Bug 943557 for CVE-2015-4497",
"url": "https://bugzilla.suse.com/943557"
},
{
"category": "external",
"summary": "SUSE Bug 943608 for CVE-2015-4497",
"url": "https://bugzilla.suse.com/943608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4497"
},
{
"cve": "CVE-2015-4498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4498"
}
],
"notes": [
{
"category": "general",
"text": "The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4498",
"url": "https://www.suse.com/security/cve/CVE-2015-4498"
},
{
"category": "external",
"summary": "SUSE Bug 943550 for CVE-2015-4498",
"url": "https://bugzilla.suse.com/943550"
},
{
"category": "external",
"summary": "SUSE Bug 943558 for CVE-2015-4498",
"url": "https://bugzilla.suse.com/943558"
},
{
"category": "external",
"summary": "SUSE Bug 943608 for CVE-2015-4498",
"url": "https://bugzilla.suse.com/943608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4498"
},
{
"cve": "CVE-2015-4500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4500"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4500",
"url": "https://www.suse.com/security/cve/CVE-2015-4500"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4500",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4500"
},
{
"cve": "CVE-2015-4501",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4501"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4501",
"url": "https://www.suse.com/security/cve/CVE-2015-4501"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4501",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4501"
},
{
"cve": "CVE-2015-4502",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4502"
}
],
"notes": [
{
"category": "general",
"text": "js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4502",
"url": "https://www.suse.com/security/cve/CVE-2015-4502"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4502",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4502"
},
{
"cve": "CVE-2015-4503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4503"
}
],
"notes": [
{
"category": "general",
"text": "The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4503",
"url": "https://www.suse.com/security/cve/CVE-2015-4503"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4503",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4503"
},
{
"cve": "CVE-2015-4504",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4504"
}
],
"notes": [
{
"category": "general",
"text": "The lut_inverse_interp16 function in the QCMS library in Mozilla Firefox before 41.0 allows remote attackers to obtain sensitive information or cause a denial of service (buffer over-read and application crash) via crafted attributes in the ICC 4 profile of an image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4504",
"url": "https://www.suse.com/security/cve/CVE-2015-4504"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4504",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4504"
},
{
"cve": "CVE-2015-4505",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4505"
}
],
"notes": [
{
"category": "general",
"text": "updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4505",
"url": "https://www.suse.com/security/cve/CVE-2015-4505"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4505",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4505"
},
{
"cve": "CVE-2015-4506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4506"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4506",
"url": "https://www.suse.com/security/cve/CVE-2015-4506"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4506",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4506"
},
{
"cve": "CVE-2015-4507",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4507"
}
],
"notes": [
{
"category": "general",
"text": "The SavedStacks class in the JavaScript implementation in Mozilla Firefox before 41.0, when the Debugger API is enabled, allows remote attackers to cause a denial of service (getSlotRef assertion failure and application exit) or possibly execute arbitrary code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4507",
"url": "https://www.suse.com/security/cve/CVE-2015-4507"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4507",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4507"
},
{
"cve": "CVE-2015-4508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4508"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4508",
"url": "https://www.suse.com/security/cve/CVE-2015-4508"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4508",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4508"
},
{
"cve": "CVE-2015-4509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4509"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4509",
"url": "https://www.suse.com/security/cve/CVE-2015-4509"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4509",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4509"
},
{
"cve": "CVE-2015-4510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4510"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) by leveraging improper interaction between shared workers and the IndexedDB implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4510",
"url": "https://www.suse.com/security/cve/CVE-2015-4510"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4510",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4510"
},
{
"cve": "CVE-2015-4511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4511"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4511",
"url": "https://www.suse.com/security/cve/CVE-2015-4511"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4511",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4511"
},
{
"cve": "CVE-2015-4512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4512"
}
],
"notes": [
{
"category": "general",
"text": "gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4512",
"url": "https://www.suse.com/security/cve/CVE-2015-4512"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4512",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4512"
},
{
"cve": "CVE-2015-4513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4513"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4513",
"url": "https://www.suse.com/security/cve/CVE-2015-4513"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-4513",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4513"
},
{
"cve": "CVE-2015-4514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4514"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4514",
"url": "https://www.suse.com/security/cve/CVE-2015-4514"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-4514",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4514"
},
{
"cve": "CVE-2015-4515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4515"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0, when NTLM v1 is enabled for HTTP authentication, allows remote attackers to obtain sensitive hostname information by constructing a crafted web site that sends an NTLM request and reads the Workstation field of an NTLM type 3 message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4515",
"url": "https://www.suse.com/security/cve/CVE-2015-4515"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-4515",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4515"
},
{
"cve": "CVE-2015-4516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4516"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4516",
"url": "https://www.suse.com/security/cve/CVE-2015-4516"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4516",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4516"
},
{
"cve": "CVE-2015-4517",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4517"
}
],
"notes": [
{
"category": "general",
"text": "NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4517",
"url": "https://www.suse.com/security/cve/CVE-2015-4517"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4517",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4517"
},
{
"cve": "CVE-2015-4518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4518"
}
],
"notes": [
{
"category": "general",
"text": "The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4518",
"url": "https://www.suse.com/security/cve/CVE-2015-4518"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-4518",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4518"
},
{
"cve": "CVE-2015-4519",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4519"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect\u0027s target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4519",
"url": "https://www.suse.com/security/cve/CVE-2015-4519"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4519",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4519"
},
{
"cve": "CVE-2015-4520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4520"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4520",
"url": "https://www.suse.com/security/cve/CVE-2015-4520"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4520",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4520"
},
{
"cve": "CVE-2015-4521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4521"
}
],
"notes": [
{
"category": "general",
"text": "The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4521",
"url": "https://www.suse.com/security/cve/CVE-2015-4521"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4521",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4521"
},
{
"cve": "CVE-2015-4522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4522"
}
],
"notes": [
{
"category": "general",
"text": "The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an \"overflow.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4522",
"url": "https://www.suse.com/security/cve/CVE-2015-4522"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4522",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4522"
},
{
"cve": "CVE-2015-7174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7174"
}
],
"notes": [
{
"category": "general",
"text": "The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an \"overflow.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7174",
"url": "https://www.suse.com/security/cve/CVE-2015-7174"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7174",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7174"
},
{
"cve": "CVE-2015-7175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7175"
}
],
"notes": [
{
"category": "general",
"text": "The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an \"overflow.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7175",
"url": "https://www.suse.com/security/cve/CVE-2015-7175"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7175",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7175"
},
{
"cve": "CVE-2015-7176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7176"
}
],
"notes": [
{
"category": "general",
"text": "The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7176",
"url": "https://www.suse.com/security/cve/CVE-2015-7176"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7176",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7176"
},
{
"cve": "CVE-2015-7177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7177"
}
],
"notes": [
{
"category": "general",
"text": "The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7177",
"url": "https://www.suse.com/security/cve/CVE-2015-7177"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7177",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7177"
},
{
"cve": "CVE-2015-7178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7178"
}
],
"notes": [
{
"category": "general",
"text": "The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted (1) OpenGL or (2) WebGL content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7178",
"url": "https://www.suse.com/security/cve/CVE-2015-7178"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7178",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7178"
},
{
"cve": "CVE-2015-7179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7179"
}
],
"notes": [
{
"category": "general",
"text": "The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted (1) OpenGL or (2) WebGL content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7179",
"url": "https://www.suse.com/security/cve/CVE-2015-7179"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7179",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7179"
},
{
"cve": "CVE-2015-7180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7180"
}
],
"notes": [
{
"category": "general",
"text": "The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7180",
"url": "https://www.suse.com/security/cve/CVE-2015-7180"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7180",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7180"
},
{
"cve": "CVE-2015-7181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7181"
}
],
"notes": [
{
"category": "general",
"text": "The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a \"use-after-poison\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7181",
"url": "https://www.suse.com/security/cve/CVE-2015-7181"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7181",
"url": "https://bugzilla.suse.com/952810"
},
{
"category": "external",
"summary": "SUSE Bug 962977 for CVE-2015-7181",
"url": "https://bugzilla.suse.com/962977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7181"
},
{
"cve": "CVE-2015-7182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7182"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7182",
"url": "https://www.suse.com/security/cve/CVE-2015-7182"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7182",
"url": "https://bugzilla.suse.com/952810"
},
{
"category": "external",
"summary": "SUSE Bug 962977 for CVE-2015-7182",
"url": "https://bugzilla.suse.com/962977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7182"
},
{
"cve": "CVE-2015-7183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7183"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7183",
"url": "https://www.suse.com/security/cve/CVE-2015-7183"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7183",
"url": "https://bugzilla.suse.com/952810"
},
{
"category": "external",
"summary": "SUSE Bug 962977 for CVE-2015-7183",
"url": "https://bugzilla.suse.com/962977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7183"
},
{
"cve": "CVE-2015-7184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7184"
}
],
"notes": [
{
"category": "general",
"text": "The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7184",
"url": "https://www.suse.com/security/cve/CVE-2015-7184"
},
{
"category": "external",
"summary": "SUSE Bug 950686 for CVE-2015-7184",
"url": "https://bugzilla.suse.com/950686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7184"
},
{
"cve": "CVE-2015-7185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7185"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7185",
"url": "https://www.suse.com/security/cve/CVE-2015-7185"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7185",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7185"
},
{
"cve": "CVE-2015-7186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7186"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 on Android allows user-assisted remote attackers to bypass the Same Origin Policy and trigger (1) a download or (2) cached profile-data reading via a file: URL in a saved HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7186",
"url": "https://www.suse.com/security/cve/CVE-2015-7186"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7186",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7186"
},
{
"cve": "CVE-2015-7187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7187"
}
],
"notes": [
{
"category": "general",
"text": "The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a \"script: false\" panel setting, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via inline JavaScript code that is executed within a third-party extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7187",
"url": "https://www.suse.com/security/cve/CVE-2015-7187"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7187",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7187"
},
{
"cve": "CVE-2015-7188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7188"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7188",
"url": "https://www.suse.com/security/cve/CVE-2015-7188"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7188",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7188"
},
{
"cve": "CVE-2015-7189",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7189"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7189",
"url": "https://www.suse.com/security/cve/CVE-2015-7189"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7189",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7189"
},
{
"cve": "CVE-2015-7190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7190"
}
],
"notes": [
{
"category": "general",
"text": "The Search feature in Mozilla Firefox before 42.0 on Android through 4.4 supports search-engine URL registration through an intent and can access this URL in a privileged context in conjunction with the crash reporter, which allows attackers to read log files and visit file: URLs of HTML documents via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7190",
"url": "https://www.suse.com/security/cve/CVE-2015-7190"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7190",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7190"
},
{
"cve": "CVE-2015-7191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7191"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving an intent: URL and fallback navigation, aka \"Universal XSS (UXSS).\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7191",
"url": "https://www.suse.com/security/cve/CVE-2015-7191"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7191",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7191"
},
{
"cve": "CVE-2015-7192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7192"
}
],
"notes": [
{
"category": "general",
"text": "The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X improperly interacts with the implementation of the TABLE element, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using an NSAccessibilityIndexAttribute value to reference a row index.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7192",
"url": "https://www.suse.com/security/cve/CVE-2015-7192"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7192",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7192"
},
{
"cve": "CVE-2015-7193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7193"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly follow the CORS cross-origin request algorithm for the POST method in situations involving an unspecified Content-Type header manipulation, which allows remote attackers to bypass the Same Origin Policy by leveraging the lack of a preflight-request step.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7193",
"url": "https://www.suse.com/security/cve/CVE-2015-7193"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7193",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7193"
},
{
"cve": "CVE-2015-7194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7194"
}
],
"notes": [
{
"category": "general",
"text": "Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP archive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7194",
"url": "https://www.suse.com/security/cve/CVE-2015-7194"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7194",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7194"
},
{
"cve": "CVE-2015-7195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7195"
}
],
"notes": [
{
"category": "general",
"text": "The URL parsing implementation in Mozilla Firefox before 42.0 improperly recognizes escaped characters in hostnames within Location headers, which allows remote attackers to obtain sensitive information via vectors involving a redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7195",
"url": "https://www.suse.com/security/cve/CVE-2015-7195"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7195",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7195"
},
{
"cve": "CVE-2015-7196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7196"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript wrapper.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7196",
"url": "https://www.suse.com/security/cve/CVE-2015-7196"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7196",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7196"
},
{
"cve": "CVE-2015-7197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7197"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-content restrictions via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7197",
"url": "https://www.suse.com/security/cve/CVE-2015-7197"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7197",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7197"
},
{
"cve": "CVE-2015-7198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7198"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted texture data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7198",
"url": "https://www.suse.com/security/cve/CVE-2015-7198"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7198",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7198"
},
{
"cve": "CVE-2015-7199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7199"
}
],
"notes": [
{
"category": "general",
"text": "The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted SVG document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7199",
"url": "https://www.suse.com/security/cve/CVE-2015-7199"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7199",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7199"
},
{
"cve": "CVE-2015-7200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7200"
}
],
"notes": [
{
"category": "general",
"text": "The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers to have an unspecified impact via vectors related to a cryptographic key.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7200",
"url": "https://www.suse.com/security/cve/CVE-2015-7200"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7200",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7200"
},
{
"cve": "CVE-2015-7201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7201"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7201",
"url": "https://www.suse.com/security/cve/CVE-2015-7201"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7201",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7201"
},
{
"cve": "CVE-2015-7202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7202"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7202",
"url": "https://www.suse.com/security/cve/CVE-2015-7202"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7202",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7202"
},
{
"cve": "CVE-2015-7203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7203"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font-family name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7203",
"url": "https://www.suse.com/security/cve/CVE-2015-7203"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7203",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7203"
},
{
"cve": "CVE-2015-7204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7204"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7204",
"url": "https://www.suse.com/security/cve/CVE-2015-7204"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7204",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7204"
},
{
"cve": "CVE-2015-7205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7205"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7205",
"url": "https://www.suse.com/security/cve/CVE-2015-7205"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7205",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7205"
},
{
"cve": "CVE-2015-7207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7207"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 43.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls, a related issue to CVE-2015-1300.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7207",
"url": "https://www.suse.com/security/cve/CVE-2015-7207"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7207",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7207"
},
{
"cve": "CVE-2015-7208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7208"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 43.0 stores cookies containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7208",
"url": "https://www.suse.com/security/cve/CVE-2015-7208"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7208",
"url": "https://bugzilla.suse.com/959277"
},
{
"category": "external",
"summary": "SUSE Bug 963637 for CVE-2015-7208",
"url": "https://bugzilla.suse.com/963637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7208"
},
{
"cve": "CVE-2015-7210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7210"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7210",
"url": "https://www.suse.com/security/cve/CVE-2015-7210"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7210",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7210"
},
{
"cve": "CVE-2015-7211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7211"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7211",
"url": "https://www.suse.com/security/cve/CVE-2015-7211"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7211",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7211"
},
{
"cve": "CVE-2015-7212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7212"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7212",
"url": "https://www.suse.com/security/cve/CVE-2015-7212"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7212",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7212"
},
{
"cve": "CVE-2015-7213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7213"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7213",
"url": "https://www.suse.com/security/cve/CVE-2015-7213"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7213",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7213"
},
{
"cve": "CVE-2015-7214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7214"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7214",
"url": "https://www.suse.com/security/cve/CVE-2015-7214"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7214",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7214"
},
{
"cve": "CVE-2015-7215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7215"
}
],
"notes": [
{
"category": "general",
"text": "The importScripts function in the Web Workers API implementation in Mozilla Firefox before 43.0 allows remote attackers to bypass the Same Origin Policy by triggering use of the no-cors mode in the fetch API to attempt resource access that throws an exception, leading to information disclosure after a rethrow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7215",
"url": "https://www.suse.com/security/cve/CVE-2015-7215"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7215",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7215"
},
{
"cve": "CVE-2015-7216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7216"
}
],
"notes": [
{
"category": "general",
"text": "The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7216",
"url": "https://www.suse.com/security/cve/CVE-2015-7216"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7216",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7216"
},
{
"cve": "CVE-2015-7217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7217"
}
],
"notes": [
{
"category": "general",
"text": "The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7217",
"url": "https://www.suse.com/security/cve/CVE-2015-7217"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7217",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7217"
},
{
"cve": "CVE-2015-7218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7218"
}
],
"notes": [
{
"category": "general",
"text": "The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header frame that triggers incorrect memory allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7218",
"url": "https://www.suse.com/security/cve/CVE-2015-7218"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7218",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7218"
},
{
"cve": "CVE-2015-7219",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7219"
}
],
"notes": [
{
"category": "general",
"text": "The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a malformed PushPromise frame that triggers decompressed-buffer length miscalculation and incorrect memory allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7219",
"url": "https://www.suse.com/security/cve/CVE-2015-7219"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7219",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7219"
},
{
"cve": "CVE-2015-7220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7220"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7220",
"url": "https://www.suse.com/security/cve/CVE-2015-7220"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7220",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7220"
},
{
"cve": "CVE-2015-7221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7221"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/nsDeque.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a deque size change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7221",
"url": "https://www.suse.com/security/cve/CVE-2015-7221"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7221",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7221"
},
{
"cve": "CVE-2015-7222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7222"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7222",
"url": "https://www.suse.com/security/cve/CVE-2015-7222"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7222",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7222"
},
{
"cve": "CVE-2015-7223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7223"
}
],
"notes": [
{
"category": "general",
"text": "The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7223",
"url": "https://www.suse.com/security/cve/CVE-2015-7223"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7223",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7223"
},
{
"cve": "CVE-2015-7575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7575"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7575",
"url": "https://www.suse.com/security/cve/CVE-2015-7575"
},
{
"category": "external",
"summary": "SUSE Bug 959888 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/959888"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 960996 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960996"
},
{
"category": "external",
"summary": "SUSE Bug 961280 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961280"
},
{
"category": "external",
"summary": "SUSE Bug 961281 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961281"
},
{
"category": "external",
"summary": "SUSE Bug 961282 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961282"
},
{
"category": "external",
"summary": "SUSE Bug 961283 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961283"
},
{
"category": "external",
"summary": "SUSE Bug 961284 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961284"
},
{
"category": "external",
"summary": "SUSE Bug 961290 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961290"
},
{
"category": "external",
"summary": "SUSE Bug 961357 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961357"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 967521 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/967521"
},
{
"category": "external",
"summary": "SUSE Bug 981087 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/981087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7575"
},
{
"cve": "CVE-2016-0718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0718"
}
],
"notes": [
{
"category": "general",
"text": "Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0718",
"url": "https://www.suse.com/security/cve/CVE-2016-0718"
},
{
"category": "external",
"summary": "SUSE Bug 979441 for CVE-2016-0718",
"url": "https://bugzilla.suse.com/979441"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-0718",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-0718"
},
{
"cve": "CVE-2016-1930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1930"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1930",
"url": "https://www.suse.com/security/cve/CVE-2016-1930"
},
{
"category": "external",
"summary": "SUSE Bug 963520 for CVE-2016-1930",
"url": "https://bugzilla.suse.com/963520"
},
{
"category": "external",
"summary": "SUSE Bug 963632 for CVE-2016-1930",
"url": "https://bugzilla.suse.com/963632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2016-1930"
},
{
"cve": "CVE-2016-1931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1931"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data compression, and other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1931",
"url": "https://www.suse.com/security/cve/CVE-2016-1931"
},
{
"category": "external",
"summary": "SUSE Bug 963633 for CVE-2016-1931",
"url": "https://bugzilla.suse.com/963633"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2016-1931"
},
{
"cve": "CVE-2016-1933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1933"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted GIF image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1933",
"url": "https://www.suse.com/security/cve/CVE-2016-1933"
},
{
"category": "external",
"summary": "SUSE Bug 963634 for CVE-2016-1933",
"url": "https://bugzilla.suse.com/963634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1933"
},
{
"cve": "CVE-2016-1935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1935"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1935",
"url": "https://www.suse.com/security/cve/CVE-2016-1935"
},
{
"category": "external",
"summary": "SUSE Bug 963520 for CVE-2016-1935",
"url": "https://bugzilla.suse.com/963520"
},
{
"category": "external",
"summary": "SUSE Bug 963635 for CVE-2016-1935",
"url": "https://bugzilla.suse.com/963635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1935"
},
{
"cve": "CVE-2016-1937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1937"
}
],
"notes": [
{
"category": "general",
"text": "The protocol-handler dialog in Mozilla Firefox before 44.0 allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1937",
"url": "https://www.suse.com/security/cve/CVE-2016-1937"
},
{
"category": "external",
"summary": "SUSE Bug 963641 for CVE-2016-1937",
"url": "https://bugzilla.suse.com/963641"
},
{
"category": "external",
"summary": "SUSE Bug 977736 for CVE-2016-1937",
"url": "https://bugzilla.suse.com/977736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1937"
},
{
"cve": "CVE-2016-1938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1938"
}
],
"notes": [
{
"category": "general",
"text": "The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1938",
"url": "https://www.suse.com/security/cve/CVE-2016-1938"
},
{
"category": "external",
"summary": "SUSE Bug 963731 for CVE-2016-1938",
"url": "https://bugzilla.suse.com/963731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1938"
},
{
"cve": "CVE-2016-1939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1939"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 44.0 stores cookies with names containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7208.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1939",
"url": "https://www.suse.com/security/cve/CVE-2016-1939"
},
{
"category": "external",
"summary": "SUSE Bug 963637 for CVE-2016-1939",
"url": "https://bugzilla.suse.com/963637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1939"
},
{
"cve": "CVE-2016-1942",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1942"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 44.0 allows user-assisted remote attackers to spoof a trailing substring in the address bar by leveraging a user\u0027s paste of a (1) wyciwyg: URI or (2) resource: URI.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1942",
"url": "https://www.suse.com/security/cve/CVE-2016-1942"
},
{
"category": "external",
"summary": "SUSE Bug 963643 for CVE-2016-1942",
"url": "https://bugzilla.suse.com/963643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1942"
},
{
"cve": "CVE-2016-1943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1943"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1943",
"url": "https://www.suse.com/security/cve/CVE-2016-1943"
},
{
"category": "external",
"summary": "SUSE Bug 963643 for CVE-2016-1943",
"url": "https://bugzilla.suse.com/963643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1943"
},
{
"cve": "CVE-2016-1944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1944"
}
],
"notes": [
{
"category": "general",
"text": "The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozilla Firefox before 44.0, might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1944",
"url": "https://www.suse.com/security/cve/CVE-2016-1944"
},
{
"category": "external",
"summary": "SUSE Bug 963644 for CVE-2016-1944",
"url": "https://bugzilla.suse.com/963644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2016-1944"
},
{
"cve": "CVE-2016-1945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1945"
}
],
"notes": [
{
"category": "general",
"text": "The nsZipArchive function in Mozilla Firefox before 44.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1945",
"url": "https://www.suse.com/security/cve/CVE-2016-1945"
},
{
"category": "external",
"summary": "SUSE Bug 963644 for CVE-2016-1945",
"url": "https://bugzilla.suse.com/963644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2016-1945"
},
{
"cve": "CVE-2016-1946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1946"
}
],
"notes": [
{
"category": "general",
"text": "The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox before 44.0 does not limit the size of read operations, which might allow remote attackers to cause a denial of service (integer overflow and buffer overflow) or possibly have unspecified other impact via crafted metadata.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1946",
"url": "https://www.suse.com/security/cve/CVE-2016-1946"
},
{
"category": "external",
"summary": "SUSE Bug 963644 for CVE-2016-1946",
"url": "https://bugzilla.suse.com/963644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2016-1946"
},
{
"cve": "CVE-2016-1947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1947"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1947",
"url": "https://www.suse.com/security/cve/CVE-2016-1947"
},
{
"category": "external",
"summary": "SUSE Bug 963645 for CVE-2016-1947",
"url": "https://bugzilla.suse.com/963645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1947"
},
{
"cve": "CVE-2016-1949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1949"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 44.0.2 does not properly restrict the interaction between Service Workers and plugins, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that triggers spoofed responses to requests that use NPAPI, as demonstrated by a request for a crossdomain.xml file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1949",
"url": "https://www.suse.com/security/cve/CVE-2016-1949"
},
{
"category": "external",
"summary": "SUSE Bug 966438 for CVE-2016-1949",
"url": "https://bugzilla.suse.com/966438"
},
{
"category": "external",
"summary": "SUSE Bug 967087 for CVE-2016-1949",
"url": "https://bugzilla.suse.com/967087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1949"
},
{
"cve": "CVE-2016-1950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1950"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1950",
"url": "https://www.suse.com/security/cve/CVE-2016-1950"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1950"
},
{
"cve": "CVE-2016-1952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1952"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1952",
"url": "https://www.suse.com/security/cve/CVE-2016-1952"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1952",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1952"
},
{
"cve": "CVE-2016-1953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1953"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1953",
"url": "https://www.suse.com/security/cve/CVE-2016-1953"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1953",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1953"
},
{
"cve": "CVE-2016-1954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1954"
}
],
"notes": [
{
"category": "general",
"text": "The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1954",
"url": "https://www.suse.com/security/cve/CVE-2016-1954"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1954",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1954"
},
{
"cve": "CVE-2016-1955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1955"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1955",
"url": "https://www.suse.com/security/cve/CVE-2016-1955"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1955"
},
{
"cve": "CVE-2016-1956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1956"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1956",
"url": "https://www.suse.com/security/cve/CVE-2016-1956"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1956"
},
{
"cve": "CVE-2016-1957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1957"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1957",
"url": "https://www.suse.com/security/cve/CVE-2016-1957"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1957",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1957"
},
{
"cve": "CVE-2016-1958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1958"
}
],
"notes": [
{
"category": "general",
"text": "browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1958",
"url": "https://www.suse.com/security/cve/CVE-2016-1958"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1958",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1958"
},
{
"cve": "CVE-2016-1959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1959"
}
],
"notes": [
{
"category": "general",
"text": "The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via unspecified use of the Clients API.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1959",
"url": "https://www.suse.com/security/cve/CVE-2016-1959"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1959",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1959",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1959",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1959",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1959",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1959",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1959",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1959",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1959",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1959"
},
{
"cve": "CVE-2016-1960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1960"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1960",
"url": "https://www.suse.com/security/cve/CVE-2016-1960"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1960",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1960"
},
{
"cve": "CVE-2016-1961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1961"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1961",
"url": "https://www.suse.com/security/cve/CVE-2016-1961"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1961",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1961"
},
{
"cve": "CVE-2016-1962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1962"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1962",
"url": "https://www.suse.com/security/cve/CVE-2016-1962"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1962",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2016-1962"
},
{
"cve": "CVE-2016-1963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1963"
}
],
"notes": [
{
"category": "general",
"text": "The FileReader class in Mozilla Firefox before 45.0 allows local users to gain privileges or cause a denial of service (memory corruption) by changing a file during a FileReader API read operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1963",
"url": "https://www.suse.com/security/cve/CVE-2016-1963"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1963",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1963"
},
{
"cve": "CVE-2016-1964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1964"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1964",
"url": "https://www.suse.com/security/cve/CVE-2016-1964"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1964",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1964"
},
{
"cve": "CVE-2016-1965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1965"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1965",
"url": "https://www.suse.com/security/cve/CVE-2016-1965"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1965",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1965"
},
{
"cve": "CVE-2016-1966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1966"
}
],
"notes": [
{
"category": "general",
"text": "The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via a crafted NPAPI plugin.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1966",
"url": "https://www.suse.com/security/cve/CVE-2016-1966"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1966",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1966"
},
{
"cve": "CVE-2016-1967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1967"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls after restoring a browser session. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7207.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1967",
"url": "https://www.suse.com/security/cve/CVE-2016-1967"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1967",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1967",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1967",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1967",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1967",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1967",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1967",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1967",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1967",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1967"
},
{
"cve": "CVE-2016-1968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1968"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted data with brotli compression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1968",
"url": "https://www.suse.com/security/cve/CVE-2016-1968"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1968",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1968",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1968",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1968",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1968",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1968",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1968",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1968",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1968",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1968"
},
{
"cve": "CVE-2016-1970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1970"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the srtp_unprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1970",
"url": "https://www.suse.com/security/cve/CVE-2016-1970"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1970",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1970",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1970",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1970",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1970",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1970",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1970",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1970",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1970",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1970"
},
{
"cve": "CVE-2016-1971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1971"
}
],
"notes": [
{
"category": "general",
"text": "The I420VideoFrame::CreateFrame function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows omits an unspecified status check, which might allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1971",
"url": "https://www.suse.com/security/cve/CVE-2016-1971"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1971",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1971",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1971",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1971",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1971",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1971",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1971",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1971",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1971",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1971"
},
{
"cve": "CVE-2016-1972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1972"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1972",
"url": "https://www.suse.com/security/cve/CVE-2016-1972"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1972",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1972",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1972",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1972",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1972",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1972",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1972",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1972",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1972",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1972"
},
{
"cve": "CVE-2016-1973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1973"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 45.0 might allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1973",
"url": "https://www.suse.com/security/cve/CVE-2016-1973"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1973",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1973",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1973",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1973",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1973",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1973",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1973",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1973",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1973",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1973"
},
{
"cve": "CVE-2016-1974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1974"
}
],
"notes": [
{
"category": "general",
"text": "The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1974",
"url": "https://www.suse.com/security/cve/CVE-2016-1974"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1974",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1974"
},
{
"cve": "CVE-2016-1975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1975"
}
],
"notes": [
{
"category": "general",
"text": "Multiple race conditions in dom/media/systemservices/CamerasChild.cpp in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1975",
"url": "https://www.suse.com/security/cve/CVE-2016-1975"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1975",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1975",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1975",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1975",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1975",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1975",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1975",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1975",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1975",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1975"
},
{
"cve": "CVE-2016-1976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1976"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the DesktopDisplayDevice class in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1976",
"url": "https://www.suse.com/security/cve/CVE-2016-1976"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1976",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1976",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1976",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1976",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1976",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1976",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1976",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1976",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1976",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1976"
},
{
"cve": "CVE-2016-1977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1977"
}
],
"notes": [
{
"category": "general",
"text": "The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1977",
"url": "https://www.suse.com/security/cve/CVE-2016-1977"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1977",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1977"
},
{
"cve": "CVE-2016-1979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1979"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data with DER encoding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1979",
"url": "https://www.suse.com/security/cve/CVE-2016-1979"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1979",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1979"
},
{
"cve": "CVE-2016-2790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2790"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2790",
"url": "https://www.suse.com/security/cve/CVE-2016-2790"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2790",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2790"
},
{
"cve": "CVE-2016-2791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2791"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2791",
"url": "https://www.suse.com/security/cve/CVE-2016-2791"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2791",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2791"
},
{
"cve": "CVE-2016-2792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2792"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2800.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2792",
"url": "https://www.suse.com/security/cve/CVE-2016-2792"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2792",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2792"
},
{
"cve": "CVE-2016-2793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2793"
}
],
"notes": [
{
"category": "general",
"text": "CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2793",
"url": "https://www.suse.com/security/cve/CVE-2016-2793"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2793",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2793"
},
{
"cve": "CVE-2016-2794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2794"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2794",
"url": "https://www.suse.com/security/cve/CVE-2016-2794"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2794",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2794"
},
{
"cve": "CVE-2016-2795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2795"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2795",
"url": "https://www.suse.com/security/cve/CVE-2016-2795"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2795",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2795"
},
{
"cve": "CVE-2016-2796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2796"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2796",
"url": "https://www.suse.com/security/cve/CVE-2016-2796"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2796",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2796"
},
{
"cve": "CVE-2016-2797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2797"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2801.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2797",
"url": "https://www.suse.com/security/cve/CVE-2016-2797"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2797",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2797"
},
{
"cve": "CVE-2016-2798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2798"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2798",
"url": "https://www.suse.com/security/cve/CVE-2016-2798"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2798",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2798"
},
{
"cve": "CVE-2016-2799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2799"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2799",
"url": "https://www.suse.com/security/cve/CVE-2016-2799"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2799",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2799"
},
{
"cve": "CVE-2016-2800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2800"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2800",
"url": "https://www.suse.com/security/cve/CVE-2016-2800"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2800",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2800"
},
{
"cve": "CVE-2016-2801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2801"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2797.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2801",
"url": "https://www.suse.com/security/cve/CVE-2016-2801"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2801",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2801"
},
{
"cve": "CVE-2016-2802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2802"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2802",
"url": "https://www.suse.com/security/cve/CVE-2016-2802"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2802",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2802"
},
{
"cve": "CVE-2016-2804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2804"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2804",
"url": "https://www.suse.com/security/cve/CVE-2016-2804"
},
{
"category": "external",
"summary": "SUSE Bug 977373 for CVE-2016-2804",
"url": "https://bugzilla.suse.com/977373"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2804"
},
{
"cve": "CVE-2016-2806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2806"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2806",
"url": "https://www.suse.com/security/cve/CVE-2016-2806"
},
{
"category": "external",
"summary": "SUSE Bug 977375 for CVE-2016-2806",
"url": "https://bugzilla.suse.com/977375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2806"
},
{
"cve": "CVE-2016-2807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2807"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2807",
"url": "https://www.suse.com/security/cve/CVE-2016-2807"
},
{
"category": "external",
"summary": "SUSE Bug 977333 for CVE-2016-2807",
"url": "https://bugzilla.suse.com/977333"
},
{
"category": "external",
"summary": "SUSE Bug 977376 for CVE-2016-2807",
"url": "https://bugzilla.suse.com/977376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2807"
},
{
"cve": "CVE-2016-2808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2808"
}
],
"notes": [
{
"category": "general",
"text": "The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write access, and application crash) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2808",
"url": "https://www.suse.com/security/cve/CVE-2016-2808"
},
{
"category": "external",
"summary": "SUSE Bug 977333 for CVE-2016-2808",
"url": "https://bugzilla.suse.com/977333"
},
{
"category": "external",
"summary": "SUSE Bug 977386 for CVE-2016-2808",
"url": "https://bugzilla.suse.com/977386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2808"
},
{
"cve": "CVE-2016-2809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2809"
}
],
"notes": [
{
"category": "general",
"text": "The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assisted remote attackers to delete arbitrary files by leveraging certain local file execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2809",
"url": "https://www.suse.com/security/cve/CVE-2016-2809"
},
{
"category": "external",
"summary": "SUSE Bug 977333 for CVE-2016-2809",
"url": "https://bugzilla.suse.com/977333"
},
{
"category": "external",
"summary": "SUSE Bug 977377 for CVE-2016-2809",
"url": "https://bugzilla.suse.com/977377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2809"
},
{
"cve": "CVE-2016-2810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2810"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to bypass intended Signature access requirements via a crafted application that leverages content-provider permissions, as demonstrated by reading the browser history or a saved password.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2810",
"url": "https://www.suse.com/security/cve/CVE-2016-2810"
},
{
"category": "external",
"summary": "SUSE Bug 977333 for CVE-2016-2810",
"url": "https://bugzilla.suse.com/977333"
},
{
"category": "external",
"summary": "SUSE Bug 977378 for CVE-2016-2810",
"url": "https://bugzilla.suse.com/977378"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2810"
},
{
"cve": "CVE-2016-2811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2811"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the BeginReading method.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2811",
"url": "https://www.suse.com/security/cve/CVE-2016-2811"
},
{
"category": "external",
"summary": "SUSE Bug 977379 for CVE-2016-2811",
"url": "https://bugzilla.suse.com/977379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2811"
},
{
"cve": "CVE-2016-2812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2812"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2812",
"url": "https://www.suse.com/security/cve/CVE-2016-2812"
},
{
"category": "external",
"summary": "SUSE Bug 977379 for CVE-2016-2812",
"url": "https://bugzilla.suse.com/977379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2812"
},
{
"cve": "CVE-2016-2813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2813"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device\u0027s physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2813",
"url": "https://www.suse.com/security/cve/CVE-2016-2813"
},
{
"category": "external",
"summary": "SUSE Bug 977333 for CVE-2016-2813",
"url": "https://bugzilla.suse.com/977333"
},
{
"category": "external",
"summary": "SUSE Bug 977380 for CVE-2016-2813",
"url": "https://bugzilla.suse.com/977380"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2813"
},
{
"cve": "CVE-2016-2814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2814"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2814",
"url": "https://www.suse.com/security/cve/CVE-2016-2814"
},
{
"category": "external",
"summary": "SUSE Bug 977333 for CVE-2016-2814",
"url": "https://bugzilla.suse.com/977333"
},
{
"category": "external",
"summary": "SUSE Bug 977381 for CVE-2016-2814",
"url": "https://bugzilla.suse.com/977381"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2814"
},
{
"cve": "CVE-2016-2815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2815"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2815",
"url": "https://www.suse.com/security/cve/CVE-2016-2815"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2815",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983638 for CVE-2016-2815",
"url": "https://bugzilla.suse.com/983638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2815"
},
{
"cve": "CVE-2016-2816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2816"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via the multipart/x-mixed-replace content type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2816",
"url": "https://www.suse.com/security/cve/CVE-2016-2816"
},
{
"category": "external",
"summary": "SUSE Bug 977382 for CVE-2016-2816",
"url": "https://bugzilla.suse.com/977382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2816"
},
{
"cve": "CVE-2016-2817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2817"
}
],
"notes": [
{
"category": "general",
"text": "The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2817",
"url": "https://www.suse.com/security/cve/CVE-2016-2817"
},
{
"category": "external",
"summary": "SUSE Bug 977384 for CVE-2016-2817",
"url": "https://bugzilla.suse.com/977384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2817"
},
{
"cve": "CVE-2016-2818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2818"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2818",
"url": "https://www.suse.com/security/cve/CVE-2016-2818"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2818",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983638 for CVE-2016-2818",
"url": "https://bugzilla.suse.com/983638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2818"
},
{
"cve": "CVE-2016-2819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2819"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2819",
"url": "https://www.suse.com/security/cve/CVE-2016-2819"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2819",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983655 for CVE-2016-2819",
"url": "https://bugzilla.suse.com/983655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2819"
},
{
"cve": "CVE-2016-2820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2820"
}
],
"notes": [
{
"category": "general",
"text": "The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by leveraging access to the remote-report IFRAME element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2820",
"url": "https://www.suse.com/security/cve/CVE-2016-2820"
},
{
"category": "external",
"summary": "SUSE Bug 977388 for CVE-2016-2820",
"url": "https://bugzilla.suse.com/977388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2820"
},
{
"cve": "CVE-2016-2821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2821"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering deletion of DOM elements that were created in the editor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2821",
"url": "https://www.suse.com/security/cve/CVE-2016-2821"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2821",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983653 for CVE-2016-2821",
"url": "https://bugzilla.suse.com/983653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2821"
},
{
"cve": "CVE-2016-2822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2822"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2822",
"url": "https://www.suse.com/security/cve/CVE-2016-2822"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2822",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983652 for CVE-2016-2822",
"url": "https://bugzilla.suse.com/983652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2822"
},
{
"cve": "CVE-2016-2824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2824"
}
],
"notes": [
{
"category": "general",
"text": "The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows, allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact by triggering use of a WebGL shader that writes to an array.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2824",
"url": "https://www.suse.com/security/cve/CVE-2016-2824"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2824",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983651 for CVE-2016-2824",
"url": "https://bugzilla.suse.com/983651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2824"
},
{
"cve": "CVE-2016-2825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2825"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2825",
"url": "https://www.suse.com/security/cve/CVE-2016-2825"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2825",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983649 for CVE-2016-2825",
"url": "https://bugzilla.suse.com/983649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2825"
},
{
"cve": "CVE-2016-2827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2827"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a Content Security Policy (CSP) referrer directive with zero values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2827",
"url": "https://www.suse.com/security/cve/CVE-2016-2827"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-2827",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2827"
},
{
"cve": "CVE-2016-2828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2828"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after destruction of the texture\u0027s recycle pool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2828",
"url": "https://www.suse.com/security/cve/CVE-2016-2828"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2828",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983646 for CVE-2016-2828",
"url": "https://bugzilla.suse.com/983646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2828"
},
{
"cve": "CVE-2016-2829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2829"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2829",
"url": "https://www.suse.com/security/cve/CVE-2016-2829"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2829",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983644 for CVE-2016-2829",
"url": "https://bugzilla.suse.com/983644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2829"
},
{
"cve": "CVE-2016-2830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2830"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2830",
"url": "https://www.suse.com/security/cve/CVE-2016-2830"
},
{
"category": "external",
"summary": "SUSE Bug 983922 for CVE-2016-2830",
"url": "https://bugzilla.suse.com/983922"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-2830",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2830"
},
{
"cve": "CVE-2016-2831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2831"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2831",
"url": "https://www.suse.com/security/cve/CVE-2016-2831"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2831",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983632 for CVE-2016-2831",
"url": "https://bugzilla.suse.com/983632"
},
{
"category": "external",
"summary": "SUSE Bug 983643 for CVE-2016-2831",
"url": "https://bugzilla.suse.com/983643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2831"
},
{
"cve": "CVE-2016-2832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2832"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a fingerprinting attack involving Cascading Style Sheets (CSS) pseudo-classes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2832",
"url": "https://www.suse.com/security/cve/CVE-2016-2832"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2832",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983632 for CVE-2016-2832",
"url": "https://bugzilla.suse.com/983632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2832"
},
{
"cve": "CVE-2016-2833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2833"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2833",
"url": "https://www.suse.com/security/cve/CVE-2016-2833"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2833",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983640 for CVE-2016-2833",
"url": "https://bugzilla.suse.com/983640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2833"
},
{
"cve": "CVE-2016-2834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2834"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2834",
"url": "https://www.suse.com/security/cve/CVE-2016-2834"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2834",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983639 for CVE-2016-2834",
"url": "https://bugzilla.suse.com/983639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2834"
},
{
"cve": "CVE-2016-2835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2835"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2835",
"url": "https://www.suse.com/security/cve/CVE-2016-2835"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-2835",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2835"
},
{
"cve": "CVE-2016-2836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2836"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to Http2Session::Shutdown and SpdySession31::Shutdown, and other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2836",
"url": "https://www.suse.com/security/cve/CVE-2016-2836"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-2836",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2836"
},
{
"cve": "CVE-2016-2837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2837"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2837",
"url": "https://www.suse.com/security/cve/CVE-2016-2837"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-2837",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2837"
},
{
"cve": "CVE-2016-2838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2838"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2838",
"url": "https://www.suse.com/security/cve/CVE-2016-2838"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-2838",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2838"
},
{
"cve": "CVE-2016-2839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2839"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_extents calls that do not properly interact with libav header allocation in FFmpeg 0.10, which allows remote attackers to cause a denial of service (application crash) via a crafted video.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2839",
"url": "https://www.suse.com/security/cve/CVE-2016-2839"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-2839",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2839"
},
{
"cve": "CVE-2016-5250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5250"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0, Firefox ESR \u003c 45.4 and Thunderbird \u003c 45.4 allow remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5250",
"url": "https://www.suse.com/security/cve/CVE-2016-5250"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5250",
"url": "https://bugzilla.suse.com/991809"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5250",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5250"
},
{
"cve": "CVE-2016-5251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5251"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar via crafted characters in the media type of a data: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5251",
"url": "https://www.suse.com/security/cve/CVE-2016-5251"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5251",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5251"
},
{
"cve": "CVE-2016-5252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5252"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5252",
"url": "https://www.suse.com/security/cve/CVE-2016-5252"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5252",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5252"
},
{
"cve": "CVE-2016-5253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5253"
}
],
"notes": [
{
"category": "general",
"text": "The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5253",
"url": "https://www.suse.com/security/cve/CVE-2016-5253"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5253",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5253"
},
{
"cve": "CVE-2016-5254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5254"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5254",
"url": "https://www.suse.com/security/cve/CVE-2016-5254"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5254",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5254"
},
{
"cve": "CVE-2016-5255",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5255"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep function in Mozilla Firefox before 48.0 allows remote attackers to execute arbitrary code via crafted JavaScript that is mishandled during incremental garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5255",
"url": "https://www.suse.com/security/cve/CVE-2016-5255"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5255",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5255"
},
{
"cve": "CVE-2016-5256",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5256"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5256",
"url": "https://www.suse.com/security/cve/CVE-2016-5256"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5256",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5256"
},
{
"cve": "CVE-2016-5257",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5257"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird \u003c 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5257",
"url": "https://www.suse.com/security/cve/CVE-2016-5257"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5257",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5257"
},
{
"cve": "CVE-2016-5258",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5258"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5258",
"url": "https://www.suse.com/security/cve/CVE-2016-5258"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5258",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5258"
},
{
"cve": "CVE-2016-5259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5259"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5259",
"url": "https://www.suse.com/security/cve/CVE-2016-5259"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5259",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5259"
},
{
"cve": "CVE-2016-5260",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5260"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0 mishandles changes from \u0027INPUT type=\"password\"\u0027 to \u0027INPUT type=\"text\"\u0027 within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5260",
"url": "https://www.suse.com/security/cve/CVE-2016-5260"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5260",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5260"
},
{
"cve": "CVE-2016-5261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5261"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR \u003c 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5261",
"url": "https://www.suse.com/security/cve/CVE-2016-5261"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5261",
"url": "https://bugzilla.suse.com/991809"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5261",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5261"
},
{
"cve": "CVE-2016-5262",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5262"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox=\"allow-scripts\" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5262",
"url": "https://www.suse.com/security/cve/CVE-2016-5262"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5262",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5262"
},
{
"cve": "CVE-2016-5263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5263"
}
],
"notes": [
{
"category": "general",
"text": "The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages \"type confusion.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5263",
"url": "https://www.suse.com/security/cve/CVE-2016-5263"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5263",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5263"
},
{
"cve": "CVE-2016-5264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5264"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5264",
"url": "https://www.suse.com/security/cve/CVE-2016-5264"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5264",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5264"
},
{
"cve": "CVE-2016-5265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5265"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same local directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5265",
"url": "https://www.suse.com/security/cve/CVE-2016-5265"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5265",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5265"
},
{
"cve": "CVE-2016-5266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5266"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0 does not properly restrict drag-and-drop (aka dataTransfer) actions for file: URIs, which allows user-assisted remote attackers to access local files via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5266",
"url": "https://www.suse.com/security/cve/CVE-2016-5266"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5266",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5266"
},
{
"cve": "CVE-2016-5267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5267"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left-to-right characters in conjunction with a right-to-left character set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5267",
"url": "https://www.suse.com/security/cve/CVE-2016-5267"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5267",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5267"
},
{
"cve": "CVE-2016-5268",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5268"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0 does not properly set the LINKABLE and URI_SAFE_FOR_UNTRUSTED_CONTENT flags of about: URLs that are used for error pages, which makes it easier for remote attackers to conduct spoofing attacks via a crafted URL, as demonstrated by misleading text after an about:neterror?d= substring.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5268",
"url": "https://www.suse.com/security/cve/CVE-2016-5268"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5268",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5268"
},
{
"cve": "CVE-2016-5270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5270"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5270",
"url": "https://www.suse.com/security/cve/CVE-2016-5270"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5270",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5270"
},
{
"cve": "CVE-2016-5271",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5271"
}
],
"notes": [
{
"category": "general",
"text": "The PropertyProvider::GetSpacingInternal function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via text runs in conjunction with a \"display: contents\" Cascading Style Sheets (CSS) property.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5271",
"url": "https://www.suse.com/security/cve/CVE-2016-5271"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5271",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5271"
},
{
"cve": "CVE-2016-5272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5272"
}
],
"notes": [
{
"category": "general",
"text": "The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5272",
"url": "https://www.suse.com/security/cve/CVE-2016-5272"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5272",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5272"
},
{
"cve": "CVE-2016-5273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5273"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5273",
"url": "https://www.suse.com/security/cve/CVE-2016-5273"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5273",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5273"
},
{
"cve": "CVE-2016-5274",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5274"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5274",
"url": "https://www.suse.com/security/cve/CVE-2016-5274"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5274",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5274"
},
{
"cve": "CVE-2016-5275",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5275"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code by leveraging improper interaction between empty filters and CANVAS element rendering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5275",
"url": "https://www.suse.com/security/cve/CVE-2016-5275"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5275",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5275"
},
{
"cve": "CVE-2016-5276",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5276"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5276",
"url": "https://www.suse.com/security/cve/CVE-2016-5276"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5276",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5276"
},
{
"cve": "CVE-2016-5277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5277"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5277",
"url": "https://www.suse.com/security/cve/CVE-2016-5277"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5277",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5277"
},
{
"cve": "CVE-2016-5278",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5278"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5278",
"url": "https://www.suse.com/security/cve/CVE-2016-5278"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5278",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5278"
},
{
"cve": "CVE-2016-5279",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5279"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5279",
"url": "https://www.suse.com/security/cve/CVE-2016-5279"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5279",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5279"
},
{
"cve": "CVE-2016-5280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5280"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code via bidirectional text.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5280",
"url": "https://www.suse.com/security/cve/CVE-2016-5280"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5280",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5280"
},
{
"cve": "CVE-2016-5281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5281"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5281",
"url": "https://www.suse.com/security/cve/CVE-2016-5281"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5281",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5281"
},
{
"cve": "CVE-2016-5282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5282"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5282",
"url": "https://www.suse.com/security/cve/CVE-2016-5282"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5282",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5282"
},
{
"cve": "CVE-2016-5283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5283"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5283",
"url": "https://www.suse.com/security/cve/CVE-2016-5283"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5283",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5283"
},
{
"cve": "CVE-2016-5284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5284"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5284",
"url": "https://www.suse.com/security/cve/CVE-2016-5284"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5284",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5284"
},
{
"cve": "CVE-2016-5287",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5287"
}
],
"notes": [
{
"category": "general",
"text": "A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox \u003c 49.0.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5287",
"url": "https://www.suse.com/security/cve/CVE-2016-5287"
},
{
"category": "external",
"summary": "SUSE Bug 1006475 for CVE-2016-5287",
"url": "https://bugzilla.suse.com/1006475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5287"
},
{
"cve": "CVE-2016-5288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5288"
}
],
"notes": [
{
"category": "general",
"text": "Web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pages. This issue affects Firefox 48 and 49. This vulnerability affects Firefox \u003c 49.0.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5288",
"url": "https://www.suse.com/security/cve/CVE-2016-5288"
},
{
"category": "external",
"summary": "SUSE Bug 1006476 for CVE-2016-5288",
"url": "https://bugzilla.suse.com/1006476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5288"
},
{
"cve": "CVE-2016-5289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5289"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs were reported in Firefox 49. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5289",
"url": "https://www.suse.com/security/cve/CVE-2016-5289"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5289",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010426 for CVE-2016-5289",
"url": "https://bugzilla.suse.com/1010426"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5289"
},
{
"cve": "CVE-2016-5290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5290"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5290",
"url": "https://www.suse.com/security/cve/CVE-2016-5290"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5290",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010427 for CVE-2016-5290",
"url": "https://bugzilla.suse.com/1010427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5290"
},
{
"cve": "CVE-2016-5291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5291"
}
],
"notes": [
{
"category": "general",
"text": "A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5291",
"url": "https://www.suse.com/security/cve/CVE-2016-5291"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5291",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010410 for CVE-2016-5291",
"url": "https://bugzilla.suse.com/1010410"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5291"
},
{
"cve": "CVE-2016-5292",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5292"
}
],
"notes": [
{
"category": "general",
"text": "During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5292",
"url": "https://www.suse.com/security/cve/CVE-2016-5292"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5292",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010399 for CVE-2016-5292",
"url": "https://bugzilla.suse.com/1010399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5292"
},
{
"cve": "CVE-2016-5293",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5293"
}
],
"notes": [
{
"category": "general",
"text": "When the Mozilla Updater is run, if the Updater\u0027s log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox ESR \u003c 45.5 and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5293",
"url": "https://www.suse.com/security/cve/CVE-2016-5293"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5293",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010400 for CVE-2016-5293",
"url": "https://bugzilla.suse.com/1010400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5293"
},
{
"cve": "CVE-2016-5294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5294"
}
],
"notes": [
{
"category": "general",
"text": "The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5294",
"url": "https://www.suse.com/security/cve/CVE-2016-5294"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5294",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010396 for CVE-2016-5294",
"url": "https://bugzilla.suse.com/1010396"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5294"
},
{
"cve": "CVE-2016-5295",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5295"
}
],
"notes": [
{
"category": "general",
"text": "This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege by having the Maintenance Service invoke the Mozilla Updater to run malicious local files. This vulnerability requires local system access and is a variant of MFSA2013-44. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5295",
"url": "https://www.suse.com/security/cve/CVE-2016-5295"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5295",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010411 for CVE-2016-5295",
"url": "https://bugzilla.suse.com/1010411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5295"
},
{
"cve": "CVE-2016-5296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5296"
}
],
"notes": [
{
"category": "general",
"text": "A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5296",
"url": "https://www.suse.com/security/cve/CVE-2016-5296"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5296",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010395 for CVE-2016-5296",
"url": "https://bugzilla.suse.com/1010395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5296"
},
{
"cve": "CVE-2016-5297",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5297"
}
],
"notes": [
{
"category": "general",
"text": "An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5297",
"url": "https://www.suse.com/security/cve/CVE-2016-5297"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5297",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010401 for CVE-2016-5297",
"url": "https://bugzilla.suse.com/1010401"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5297"
},
{
"cve": "CVE-2016-5298",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5298"
}
],
"notes": [
{
"category": "general",
"text": "A mechanism where disruption of the loading of a new web page can cause the previous page\u0027s favicon and SSL indicator to not be reset when the new page is loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5298",
"url": "https://www.suse.com/security/cve/CVE-2016-5298"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5298",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010412 for CVE-2016-5298",
"url": "https://bugzilla.suse.com/1010412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5298"
},
{
"cve": "CVE-2016-5299",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5299"
}
],
"notes": [
{
"category": "general",
"text": "A previously installed malicious Android application with same signature-level permissions as Firefox can intercept AuthTokens meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5299",
"url": "https://www.suse.com/security/cve/CVE-2016-5299"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5299",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010413 for CVE-2016-5299",
"url": "https://bugzilla.suse.com/1010413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5299"
},
{
"cve": "CVE-2016-6354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-6354"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-6354",
"url": "https://www.suse.com/security/cve/CVE-2016-6354"
},
{
"category": "external",
"summary": "SUSE Bug 1026047 for CVE-2016-6354",
"url": "https://bugzilla.suse.com/1026047"
},
{
"category": "external",
"summary": "SUSE Bug 1035082 for CVE-2016-6354",
"url": "https://bugzilla.suse.com/1035082"
},
{
"category": "external",
"summary": "SUSE Bug 1035209 for CVE-2016-6354",
"url": "https://bugzilla.suse.com/1035209"
},
{
"category": "external",
"summary": "SUSE Bug 990856 for CVE-2016-6354",
"url": "https://bugzilla.suse.com/990856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-6354"
},
{
"cve": "CVE-2016-9061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9061"
}
],
"notes": [
{
"category": "general",
"text": "A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9061",
"url": "https://www.suse.com/security/cve/CVE-2016-9061"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9061",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010418 for CVE-2016-9061",
"url": "https://bugzilla.suse.com/1010418"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9061"
},
{
"cve": "CVE-2016-9062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9062"
}
],
"notes": [
{
"category": "general",
"text": "Private browsing mode leaves metadata information, such as URLs, for sites visited in \"browser.db\" and \"browser.db-wal\" files within the Firefox profile after the mode is exited. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9062",
"url": "https://www.suse.com/security/cve/CVE-2016-9062"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9062",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010419 for CVE-2016-9062",
"url": "https://bugzilla.suse.com/1010419"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9062"
},
{
"cve": "CVE-2016-9063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9063"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9063",
"url": "https://www.suse.com/security/cve/CVE-2016-9063"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9063",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010424 for CVE-2016-9063",
"url": "https://bugzilla.suse.com/1010424"
},
{
"category": "external",
"summary": "SUSE Bug 1047240 for CVE-2016-9063",
"url": "https://bugzilla.suse.com/1047240"
},
{
"category": "external",
"summary": "SUSE Bug 1123115 for CVE-2016-9063",
"url": "https://bugzilla.suse.com/1123115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2016-9063"
},
{
"cve": "CVE-2016-9064",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9064"
}
],
"notes": [
{
"category": "general",
"text": "Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. An attacker who could perform a man-in-the-middle attack on the user\u0027s connection to the update server and defeat the certificate pinning protection could provide a malicious signed add-on instead of a valid update. This vulnerability affects Firefox ESR \u003c 45.5 and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9064",
"url": "https://www.suse.com/security/cve/CVE-2016-9064"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9064",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010402 for CVE-2016-9064",
"url": "https://bugzilla.suse.com/1010402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9064"
},
{
"cve": "CVE-2016-9065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9065"
}
],
"notes": [
{
"category": "general",
"text": "The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating of a fake location bar without any user notification. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9065",
"url": "https://www.suse.com/security/cve/CVE-2016-9065"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9065",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010403 for CVE-2016-9065",
"url": "https://bugzilla.suse.com/1010403"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9065"
},
{
"cve": "CVE-2016-9066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9066"
}
],
"notes": [
{
"category": "general",
"text": "A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9066",
"url": "https://www.suse.com/security/cve/CVE-2016-9066"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9066",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010404 for CVE-2016-9066",
"url": "https://bugzilla.suse.com/1010404"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9066"
},
{
"cve": "CVE-2016-9067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9067"
}
],
"notes": [
{
"category": "general",
"text": "Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9067",
"url": "https://www.suse.com/security/cve/CVE-2016-9067"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9067",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010405 for CVE-2016-9067",
"url": "https://bugzilla.suse.com/1010405"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9067"
},
{
"cve": "CVE-2016-9068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9068"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9068",
"url": "https://www.suse.com/security/cve/CVE-2016-9068"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9068",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010406 for CVE-2016-9068",
"url": "https://bugzilla.suse.com/1010406"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-9068"
},
{
"cve": "CVE-2016-9069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9069"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9069",
"url": "https://www.suse.com/security/cve/CVE-2016-9069"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9069",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010405 for CVE-2016-9069",
"url": "https://bugzilla.suse.com/1010405"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9069"
},
{
"cve": "CVE-2016-9070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9070"
}
],
"notes": [
{
"category": "general",
"text": "A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9070",
"url": "https://www.suse.com/security/cve/CVE-2016-9070"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9070",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010420 for CVE-2016-9070",
"url": "https://bugzilla.suse.com/1010420"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-9070"
},
{
"cve": "CVE-2016-9071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9071"
}
],
"notes": [
{
"category": "general",
"text": "Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to verify whether a known site is within a user\u0027s browser history. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9071",
"url": "https://www.suse.com/security/cve/CVE-2016-9071"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9071",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010425 for CVE-2016-9071",
"url": "https://bugzilla.suse.com/1010425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-9071"
},
{
"cve": "CVE-2016-9072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9072"
}
],
"notes": [
{
"category": "general",
"text": "When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9072",
"url": "https://www.suse.com/security/cve/CVE-2016-9072"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9072",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010407 for CVE-2016-9072",
"url": "https://bugzilla.suse.com/1010407"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9072"
},
{
"cve": "CVE-2016-9073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9073"
}
],
"notes": [
{
"category": "general",
"text": "WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9073",
"url": "https://www.suse.com/security/cve/CVE-2016-9073"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9073",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010421 for CVE-2016-9073",
"url": "https://bugzilla.suse.com/1010421"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-9073"
},
{
"cve": "CVE-2016-9074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9074"
}
],
"notes": [
{
"category": "general",
"text": "An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9074",
"url": "https://www.suse.com/security/cve/CVE-2016-9074"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9074",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010422 for CVE-2016-9074",
"url": "https://bugzilla.suse.com/1010422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-9074"
},
{
"cve": "CVE-2016-9075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9075"
}
],
"notes": [
{
"category": "general",
"text": "An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9075",
"url": "https://www.suse.com/security/cve/CVE-2016-9075"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9075",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010408 for CVE-2016-9075",
"url": "https://bugzilla.suse.com/1010408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9075"
},
{
"cve": "CVE-2016-9076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9076"
}
],
"notes": [
{
"category": "general",
"text": "An issue where a \"\u003cselect\u003e\" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9076",
"url": "https://www.suse.com/security/cve/CVE-2016-9076"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9076",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010423 for CVE-2016-9076",
"url": "https://bugzilla.suse.com/1010423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9076"
},
{
"cve": "CVE-2016-9077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9077"
}
],
"notes": [
{
"category": "general",
"text": "Canvas allows the use of the \"feDisplacementMap\" filter on images loaded cross-origin. The rendering by the filter is variable depending on the input pixel, allowing for timing attacks when the images are loaded from third party locations. This vulnerability affects Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9077",
"url": "https://www.suse.com/security/cve/CVE-2016-9077"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9077",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010409 for CVE-2016-9077",
"url": "https://bugzilla.suse.com/1010409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9077"
},
{
"cve": "CVE-2016-9078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9078"
}
],
"notes": [
{
"category": "general",
"text": "Redirection from an HTTP connection to a \"data:\" URL assigns the referring site\u0027s origin to the \"data:\" URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the ability to read them. Note: This issue only affects Firefox 49 and 50. This vulnerability affects Firefox \u003c 50.0.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9078",
"url": "https://www.suse.com/security/cve/CVE-2016-9078"
},
{
"category": "external",
"summary": "SUSE Bug 1012807 for CVE-2016-9078",
"url": "https://bugzilla.suse.com/1012807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9078"
},
{
"cve": "CVE-2016-9079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9079"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox \u003c 50.0.2, Firefox ESR \u003c 45.5.1, and Thunderbird \u003c 45.5.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9079",
"url": "https://www.suse.com/security/cve/CVE-2016-9079"
},
{
"category": "external",
"summary": "SUSE Bug 1012964 for CVE-2016-9079",
"url": "https://bugzilla.suse.com/1012964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9079"
},
{
"cve": "CVE-2016-9080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9080"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs were reported in Firefox 50.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 50.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9080",
"url": "https://www.suse.com/security/cve/CVE-2016-9080"
},
{
"category": "external",
"summary": "SUSE Bug 1015422 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015422"
},
{
"category": "external",
"summary": "SUSE Bug 1015527 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015527"
},
{
"category": "external",
"summary": "SUSE Bug 1015528 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015528"
},
{
"category": "external",
"summary": "SUSE Bug 1015529 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015529"
},
{
"category": "external",
"summary": "SUSE Bug 1015530 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015530"
},
{
"category": "external",
"summary": "SUSE Bug 1015531 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015531"
},
{
"category": "external",
"summary": "SUSE Bug 1015533 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015533"
},
{
"category": "external",
"summary": "SUSE Bug 1015534 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015534"
},
{
"category": "external",
"summary": "SUSE Bug 1015535 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015535"
},
{
"category": "external",
"summary": "SUSE Bug 1015536 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015536"
},
{
"category": "external",
"summary": "SUSE Bug 1015537 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015537"
},
{
"category": "external",
"summary": "SUSE Bug 1015538 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015538"
},
{
"category": "external",
"summary": "SUSE Bug 1015540 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015540"
},
{
"category": "external",
"summary": "SUSE Bug 1015541 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015541"
},
{
"category": "external",
"summary": "SUSE Bug 1015542 for CVE-2016-9080",
"url": "https://bugzilla.suse.com/1015542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9080"
},
{
"cve": "CVE-2016-9893",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9893"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs were reported in Thunderbird 45.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9893",
"url": "https://www.suse.com/security/cve/CVE-2016-9893"
},
{
"category": "external",
"summary": "SUSE Bug 1015422 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015422"
},
{
"category": "external",
"summary": "SUSE Bug 1015527 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015527"
},
{
"category": "external",
"summary": "SUSE Bug 1015528 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015528"
},
{
"category": "external",
"summary": "SUSE Bug 1015529 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015529"
},
{
"category": "external",
"summary": "SUSE Bug 1015530 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015530"
},
{
"category": "external",
"summary": "SUSE Bug 1015531 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015531"
},
{
"category": "external",
"summary": "SUSE Bug 1015533 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015533"
},
{
"category": "external",
"summary": "SUSE Bug 1015534 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015534"
},
{
"category": "external",
"summary": "SUSE Bug 1015535 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015535"
},
{
"category": "external",
"summary": "SUSE Bug 1015536 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015536"
},
{
"category": "external",
"summary": "SUSE Bug 1015537 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015537"
},
{
"category": "external",
"summary": "SUSE Bug 1015538 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015538"
},
{
"category": "external",
"summary": "SUSE Bug 1015540 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015540"
},
{
"category": "external",
"summary": "SUSE Bug 1015541 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015541"
},
{
"category": "external",
"summary": "SUSE Bug 1015542 for CVE-2016-9893",
"url": "https://bugzilla.suse.com/1015542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9893"
},
{
"cve": "CVE-2016-9894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9894"
}
],
"notes": [
{
"category": "general",
"text": "A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated during allocation. Later writers will overflow the buffer, resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 50.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9894",
"url": "https://www.suse.com/security/cve/CVE-2016-9894"
},
{
"category": "external",
"summary": "SUSE Bug 1015422 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015422"
},
{
"category": "external",
"summary": "SUSE Bug 1015527 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015527"
},
{
"category": "external",
"summary": "SUSE Bug 1015528 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015528"
},
{
"category": "external",
"summary": "SUSE Bug 1015529 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015529"
},
{
"category": "external",
"summary": "SUSE Bug 1015530 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015530"
},
{
"category": "external",
"summary": "SUSE Bug 1015531 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015531"
},
{
"category": "external",
"summary": "SUSE Bug 1015533 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015533"
},
{
"category": "external",
"summary": "SUSE Bug 1015534 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015534"
},
{
"category": "external",
"summary": "SUSE Bug 1015535 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015535"
},
{
"category": "external",
"summary": "SUSE Bug 1015536 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015536"
},
{
"category": "external",
"summary": "SUSE Bug 1015537 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015537"
},
{
"category": "external",
"summary": "SUSE Bug 1015538 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015538"
},
{
"category": "external",
"summary": "SUSE Bug 1015540 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015540"
},
{
"category": "external",
"summary": "SUSE Bug 1015541 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015541"
},
{
"category": "external",
"summary": "SUSE Bug 1015542 for CVE-2016-9894",
"url": "https://bugzilla.suse.com/1015542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9894"
},
{
"cve": "CVE-2016-9895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9895"
}
],
"notes": [
{
"category": "general",
"text": "Event handlers on \"marquee\" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9895",
"url": "https://www.suse.com/security/cve/CVE-2016-9895"
},
{
"category": "external",
"summary": "SUSE Bug 1015422 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015422"
},
{
"category": "external",
"summary": "SUSE Bug 1015527 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015527"
},
{
"category": "external",
"summary": "SUSE Bug 1015528 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015528"
},
{
"category": "external",
"summary": "SUSE Bug 1015529 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015529"
},
{
"category": "external",
"summary": "SUSE Bug 1015530 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015530"
},
{
"category": "external",
"summary": "SUSE Bug 1015531 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015531"
},
{
"category": "external",
"summary": "SUSE Bug 1015533 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015533"
},
{
"category": "external",
"summary": "SUSE Bug 1015534 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015534"
},
{
"category": "external",
"summary": "SUSE Bug 1015535 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015535"
},
{
"category": "external",
"summary": "SUSE Bug 1015536 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015536"
},
{
"category": "external",
"summary": "SUSE Bug 1015537 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015537"
},
{
"category": "external",
"summary": "SUSE Bug 1015538 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015538"
},
{
"category": "external",
"summary": "SUSE Bug 1015540 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015540"
},
{
"category": "external",
"summary": "SUSE Bug 1015541 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015541"
},
{
"category": "external",
"summary": "SUSE Bug 1015542 for CVE-2016-9895",
"url": "https://bugzilla.suse.com/1015542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9895"
},
{
"cve": "CVE-2016-9896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9896"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free while manipulating the \"navigator\" object within WebVR. Note: WebVR is not currently enabled by default. This vulnerability affects Firefox \u003c 50.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9896",
"url": "https://www.suse.com/security/cve/CVE-2016-9896"
},
{
"category": "external",
"summary": "SUSE Bug 1015422 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015422"
},
{
"category": "external",
"summary": "SUSE Bug 1015527 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015527"
},
{
"category": "external",
"summary": "SUSE Bug 1015528 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015528"
},
{
"category": "external",
"summary": "SUSE Bug 1015529 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015529"
},
{
"category": "external",
"summary": "SUSE Bug 1015530 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015530"
},
{
"category": "external",
"summary": "SUSE Bug 1015531 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015531"
},
{
"category": "external",
"summary": "SUSE Bug 1015533 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015533"
},
{
"category": "external",
"summary": "SUSE Bug 1015534 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015534"
},
{
"category": "external",
"summary": "SUSE Bug 1015535 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015535"
},
{
"category": "external",
"summary": "SUSE Bug 1015536 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015536"
},
{
"category": "external",
"summary": "SUSE Bug 1015537 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015537"
},
{
"category": "external",
"summary": "SUSE Bug 1015538 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015538"
},
{
"category": "external",
"summary": "SUSE Bug 1015540 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015540"
},
{
"category": "external",
"summary": "SUSE Bug 1015541 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015541"
},
{
"category": "external",
"summary": "SUSE Bug 1015542 for CVE-2016-9896",
"url": "https://bugzilla.suse.com/1015542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9896"
},
{
"cve": "CVE-2016-9897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9897"
}
],
"notes": [
{
"category": "general",
"text": "Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9897",
"url": "https://www.suse.com/security/cve/CVE-2016-9897"
},
{
"category": "external",
"summary": "SUSE Bug 1015422 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015422"
},
{
"category": "external",
"summary": "SUSE Bug 1015527 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015527"
},
{
"category": "external",
"summary": "SUSE Bug 1015528 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015528"
},
{
"category": "external",
"summary": "SUSE Bug 1015529 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015529"
},
{
"category": "external",
"summary": "SUSE Bug 1015530 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015530"
},
{
"category": "external",
"summary": "SUSE Bug 1015531 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015531"
},
{
"category": "external",
"summary": "SUSE Bug 1015533 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015533"
},
{
"category": "external",
"summary": "SUSE Bug 1015534 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015534"
},
{
"category": "external",
"summary": "SUSE Bug 1015535 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015535"
},
{
"category": "external",
"summary": "SUSE Bug 1015536 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015536"
},
{
"category": "external",
"summary": "SUSE Bug 1015537 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015537"
},
{
"category": "external",
"summary": "SUSE Bug 1015538 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015538"
},
{
"category": "external",
"summary": "SUSE Bug 1015540 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015540"
},
{
"category": "external",
"summary": "SUSE Bug 1015541 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015541"
},
{
"category": "external",
"summary": "SUSE Bug 1015542 for CVE-2016-9897",
"url": "https://bugzilla.suse.com/1015542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9897"
},
{
"cve": "CVE-2016-9898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9898"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9898",
"url": "https://www.suse.com/security/cve/CVE-2016-9898"
},
{
"category": "external",
"summary": "SUSE Bug 1015422 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015422"
},
{
"category": "external",
"summary": "SUSE Bug 1015527 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015527"
},
{
"category": "external",
"summary": "SUSE Bug 1015528 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015528"
},
{
"category": "external",
"summary": "SUSE Bug 1015529 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015529"
},
{
"category": "external",
"summary": "SUSE Bug 1015530 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015530"
},
{
"category": "external",
"summary": "SUSE Bug 1015531 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015531"
},
{
"category": "external",
"summary": "SUSE Bug 1015533 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015533"
},
{
"category": "external",
"summary": "SUSE Bug 1015534 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015534"
},
{
"category": "external",
"summary": "SUSE Bug 1015535 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015535"
},
{
"category": "external",
"summary": "SUSE Bug 1015536 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015536"
},
{
"category": "external",
"summary": "SUSE Bug 1015537 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015537"
},
{
"category": "external",
"summary": "SUSE Bug 1015538 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015538"
},
{
"category": "external",
"summary": "SUSE Bug 1015540 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015540"
},
{
"category": "external",
"summary": "SUSE Bug 1015541 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015541"
},
{
"category": "external",
"summary": "SUSE Bug 1015542 for CVE-2016-9898",
"url": "https://bugzilla.suse.com/1015542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9898"
},
{
"cve": "CVE-2016-9899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9899"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9899",
"url": "https://www.suse.com/security/cve/CVE-2016-9899"
},
{
"category": "external",
"summary": "SUSE Bug 1015422 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015422"
},
{
"category": "external",
"summary": "SUSE Bug 1015527 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015527"
},
{
"category": "external",
"summary": "SUSE Bug 1015528 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015528"
},
{
"category": "external",
"summary": "SUSE Bug 1015529 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015529"
},
{
"category": "external",
"summary": "SUSE Bug 1015530 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015530"
},
{
"category": "external",
"summary": "SUSE Bug 1015531 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015531"
},
{
"category": "external",
"summary": "SUSE Bug 1015533 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015533"
},
{
"category": "external",
"summary": "SUSE Bug 1015534 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015534"
},
{
"category": "external",
"summary": "SUSE Bug 1015535 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015535"
},
{
"category": "external",
"summary": "SUSE Bug 1015536 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015536"
},
{
"category": "external",
"summary": "SUSE Bug 1015537 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015537"
},
{
"category": "external",
"summary": "SUSE Bug 1015538 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015538"
},
{
"category": "external",
"summary": "SUSE Bug 1015540 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015540"
},
{
"category": "external",
"summary": "SUSE Bug 1015541 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015541"
},
{
"category": "external",
"summary": "SUSE Bug 1015542 for CVE-2016-9899",
"url": "https://bugzilla.suse.com/1015542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9899"
},
{
"cve": "CVE-2016-9900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9900"
}
],
"notes": [
{
"category": "general",
"text": "External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of \"data:\" URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9900",
"url": "https://www.suse.com/security/cve/CVE-2016-9900"
},
{
"category": "external",
"summary": "SUSE Bug 1015422 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015422"
},
{
"category": "external",
"summary": "SUSE Bug 1015527 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015527"
},
{
"category": "external",
"summary": "SUSE Bug 1015528 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015528"
},
{
"category": "external",
"summary": "SUSE Bug 1015529 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015529"
},
{
"category": "external",
"summary": "SUSE Bug 1015530 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015530"
},
{
"category": "external",
"summary": "SUSE Bug 1015531 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015531"
},
{
"category": "external",
"summary": "SUSE Bug 1015533 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015533"
},
{
"category": "external",
"summary": "SUSE Bug 1015534 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015534"
},
{
"category": "external",
"summary": "SUSE Bug 1015535 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015535"
},
{
"category": "external",
"summary": "SUSE Bug 1015536 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015536"
},
{
"category": "external",
"summary": "SUSE Bug 1015537 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015537"
},
{
"category": "external",
"summary": "SUSE Bug 1015538 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015538"
},
{
"category": "external",
"summary": "SUSE Bug 1015540 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015540"
},
{
"category": "external",
"summary": "SUSE Bug 1015541 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015541"
},
{
"category": "external",
"summary": "SUSE Bug 1015542 for CVE-2016-9900",
"url": "https://bugzilla.suse.com/1015542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9900"
},
{
"cve": "CVE-2016-9901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9901"
}
],
"notes": [
{
"category": "general",
"text": "HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the \"about:pocket-saved\" (unprivileged) page, giving it access to Pocket\u0027s messaging API through HTML injection. This vulnerability affects Firefox ESR \u003c 45.6 and Firefox \u003c 50.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9901",
"url": "https://www.suse.com/security/cve/CVE-2016-9901"
},
{
"category": "external",
"summary": "SUSE Bug 1015422 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015422"
},
{
"category": "external",
"summary": "SUSE Bug 1015527 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015527"
},
{
"category": "external",
"summary": "SUSE Bug 1015528 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015528"
},
{
"category": "external",
"summary": "SUSE Bug 1015529 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015529"
},
{
"category": "external",
"summary": "SUSE Bug 1015530 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015530"
},
{
"category": "external",
"summary": "SUSE Bug 1015531 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015531"
},
{
"category": "external",
"summary": "SUSE Bug 1015533 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015533"
},
{
"category": "external",
"summary": "SUSE Bug 1015534 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015534"
},
{
"category": "external",
"summary": "SUSE Bug 1015535 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015535"
},
{
"category": "external",
"summary": "SUSE Bug 1015536 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015536"
},
{
"category": "external",
"summary": "SUSE Bug 1015537 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015537"
},
{
"category": "external",
"summary": "SUSE Bug 1015538 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015538"
},
{
"category": "external",
"summary": "SUSE Bug 1015540 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015540"
},
{
"category": "external",
"summary": "SUSE Bug 1015541 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015541"
},
{
"category": "external",
"summary": "SUSE Bug 1015542 for CVE-2016-9901",
"url": "https://bugzilla.suse.com/1015542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9901"
},
{
"cve": "CVE-2016-9902",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9902"
}
],
"notes": [
{
"category": "general",
"text": "The Pocket toolbar button, once activated, listens for events fired from it\u0027s own pages but does not verify the origin of incoming events. This allows content from other origins to fire events and inject content and commands into the Pocket context. Note: this issue does not affect users with e10s enabled. This vulnerability affects Firefox ESR \u003c 45.6 and Firefox \u003c 50.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9902",
"url": "https://www.suse.com/security/cve/CVE-2016-9902"
},
{
"category": "external",
"summary": "SUSE Bug 1015422 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015422"
},
{
"category": "external",
"summary": "SUSE Bug 1015527 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015527"
},
{
"category": "external",
"summary": "SUSE Bug 1015528 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015528"
},
{
"category": "external",
"summary": "SUSE Bug 1015529 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015529"
},
{
"category": "external",
"summary": "SUSE Bug 1015530 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015530"
},
{
"category": "external",
"summary": "SUSE Bug 1015531 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015531"
},
{
"category": "external",
"summary": "SUSE Bug 1015533 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015533"
},
{
"category": "external",
"summary": "SUSE Bug 1015534 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015534"
},
{
"category": "external",
"summary": "SUSE Bug 1015535 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015535"
},
{
"category": "external",
"summary": "SUSE Bug 1015536 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015536"
},
{
"category": "external",
"summary": "SUSE Bug 1015537 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015537"
},
{
"category": "external",
"summary": "SUSE Bug 1015538 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015538"
},
{
"category": "external",
"summary": "SUSE Bug 1015540 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015540"
},
{
"category": "external",
"summary": "SUSE Bug 1015541 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015541"
},
{
"category": "external",
"summary": "SUSE Bug 1015542 for CVE-2016-9902",
"url": "https://bugzilla.suse.com/1015542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9902"
},
{
"cve": "CVE-2016-9903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9903"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla\u0027s add-ons SDK had a world-accessible resource with an HTML injection vulnerability. If an additional vulnerability allowed this resource to be loaded as a document it could allow injecting content and script into an add-on\u0027s context. This vulnerability affects Firefox \u003c 50.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9903",
"url": "https://www.suse.com/security/cve/CVE-2016-9903"
},
{
"category": "external",
"summary": "SUSE Bug 1015422 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015422"
},
{
"category": "external",
"summary": "SUSE Bug 1015527 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015527"
},
{
"category": "external",
"summary": "SUSE Bug 1015528 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015528"
},
{
"category": "external",
"summary": "SUSE Bug 1015529 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015529"
},
{
"category": "external",
"summary": "SUSE Bug 1015530 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015530"
},
{
"category": "external",
"summary": "SUSE Bug 1015531 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015531"
},
{
"category": "external",
"summary": "SUSE Bug 1015533 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015533"
},
{
"category": "external",
"summary": "SUSE Bug 1015534 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015534"
},
{
"category": "external",
"summary": "SUSE Bug 1015535 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015535"
},
{
"category": "external",
"summary": "SUSE Bug 1015536 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015536"
},
{
"category": "external",
"summary": "SUSE Bug 1015537 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015537"
},
{
"category": "external",
"summary": "SUSE Bug 1015538 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015538"
},
{
"category": "external",
"summary": "SUSE Bug 1015540 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015540"
},
{
"category": "external",
"summary": "SUSE Bug 1015541 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015541"
},
{
"category": "external",
"summary": "SUSE Bug 1015542 for CVE-2016-9903",
"url": "https://bugzilla.suse.com/1015542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9903"
},
{
"cve": "CVE-2016-9904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9904"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9904",
"url": "https://www.suse.com/security/cve/CVE-2016-9904"
},
{
"category": "external",
"summary": "SUSE Bug 1015422 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015422"
},
{
"category": "external",
"summary": "SUSE Bug 1015527 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015527"
},
{
"category": "external",
"summary": "SUSE Bug 1015528 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015528"
},
{
"category": "external",
"summary": "SUSE Bug 1015529 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015529"
},
{
"category": "external",
"summary": "SUSE Bug 1015530 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015530"
},
{
"category": "external",
"summary": "SUSE Bug 1015531 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015531"
},
{
"category": "external",
"summary": "SUSE Bug 1015533 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015533"
},
{
"category": "external",
"summary": "SUSE Bug 1015534 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015534"
},
{
"category": "external",
"summary": "SUSE Bug 1015535 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015535"
},
{
"category": "external",
"summary": "SUSE Bug 1015536 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015536"
},
{
"category": "external",
"summary": "SUSE Bug 1015537 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015537"
},
{
"category": "external",
"summary": "SUSE Bug 1015538 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015538"
},
{
"category": "external",
"summary": "SUSE Bug 1015540 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015540"
},
{
"category": "external",
"summary": "SUSE Bug 1015541 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015541"
},
{
"category": "external",
"summary": "SUSE Bug 1015542 for CVE-2016-9904",
"url": "https://bugzilla.suse.com/1015542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-buildsymbols-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-50.1.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-50.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9904"
}
]
}
OPENSUSE-SU-2024:10230-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
MozillaThunderbird-45.5.1-1.1 on GA media
Notes
Title of the patch
MozillaThunderbird-45.5.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the MozillaThunderbird-45.5.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10230
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaThunderbird-45.5.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaThunderbird-45.5.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10230",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10230-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0040 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0771 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0772 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0773 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0776 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1571 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3555 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0159 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0173 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0174 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0175 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0176 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0182 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0654 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1121 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1196 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1199 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1200 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1201 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1202 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1203 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1205 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1211 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1212 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1213 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1585 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2752 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2753 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2754 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2760 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2762 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2764 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2765 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2766 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2767 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2768 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2769 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3166 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3167 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3168 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3169 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3170 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3170/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3173 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3174 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3175 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3176 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3178 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3179 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3180 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3182 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3183 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3765 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3768 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3769 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3776 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3777 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3778 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3778/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0053 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0061 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0062 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0069 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0070 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0072 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0074 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0075 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0077 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0078 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0080 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0081 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0083 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0084 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-0085 page",
"url": "https://www.suse.com/security/cve/CVE-2011-0085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-1187 page",
"url": "https://www.suse.com/security/cve/CVE-2011-1187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2362 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2363 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2363/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2364 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2365 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2371 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2372 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2372/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2373 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2374 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2376 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2376/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2377 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2377/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2985 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2986 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2987 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2988 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2989 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2992 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3000 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3001 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3005 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3026 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3062 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3079 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3101 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3232 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3648 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3650 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3651 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3652 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3654 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3655 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3658 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3659 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3660 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3661 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3663 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0441 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0442 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0442/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0443 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0444 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0445 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0446 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0447 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0449 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0449/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0451 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0452 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0455 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0455/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0456 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0457 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0457/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0458 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0459 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0460 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0461 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0462 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0463 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0464 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0467 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0468 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0469 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0470 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0471 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0472 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0473 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0474 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0475 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0475/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0477 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0478 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0479 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0759 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1937 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1938 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1940 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1941 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1944 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1945 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1946 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1947 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1948 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1949 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1951 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1952 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1953 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1954 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1955 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1956 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1957 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1958 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1959 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1960 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1961 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1962 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1963 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1967 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1970 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1972 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1973 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1974 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1975 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1976 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3956 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3957 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3958 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3959 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3960 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3961 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3962 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3963 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3964 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3966 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3967 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3968 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3969 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3970 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3971 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3972 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3975 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3978 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3980 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3982 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3983 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3984 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3985 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3986 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3988 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3989 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3990 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3991 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3992 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3993 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3994 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3995 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4179 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4180 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4181 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4182 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4183 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4184 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4185 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4186 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4187 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4188 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4191 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4192 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4193 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4194 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4195 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4196 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4201 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4202 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4204 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4205 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4207 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4208 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4209 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4212 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4213 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4214 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4215 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4216 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4217 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-4218 page",
"url": "https://www.suse.com/security/cve/CVE-2012-4218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5829 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5830 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5833 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5835 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5836 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5837 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5838 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5839 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5840 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5841 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5842 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-5843 page",
"url": "https://www.suse.com/security/cve/CVE-2012-5843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0743 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0744 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0745 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0746 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0746/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0747 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0748 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0749 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0750 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0752 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0753 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0754 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0755 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0756 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0757 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0758 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0760 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0761 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0762 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0763 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0764 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0766 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0767 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0768 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0769 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0770 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0771 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0773 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0775 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0776 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0780 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0782 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0783 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0787 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0788 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0789 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0793 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0795 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0796 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0800 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0801 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1669 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1670 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1674 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1675 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1676 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1677 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1677/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1678 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1679 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1680 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1681 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1682 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1684 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1685 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1686 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1687 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1690 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1692 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1693 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1694 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1697 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1701 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1709 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1710 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1713 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1714 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1717 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1718 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1719 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1720 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1722 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1723 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1724 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1725 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1728 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1730 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1732 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1735 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1736 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1737 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1738 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5590 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5591 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5592 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5593 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5595 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5596 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5597 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5599 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5599/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5600 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5601 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5602 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5603 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5604 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5609 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5610 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5613 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5615 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5616 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5618 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6629 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6630 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6671 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6673 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1477 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1478 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1479 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1481 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1481/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1482 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1486 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1486/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1487 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1490 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1491 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1493 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1494 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1497 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1497/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1505 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1505/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1508 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1509 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1510 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1511 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1512 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1513 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1514 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1514/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1518 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1523 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1524 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1529 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1530 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1531 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1532 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1532/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1533 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1534 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1536 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1537 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1538 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1541 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1544 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1545 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1547 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1548 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1553 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1555 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1556 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1557 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1557/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1562 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1562/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1563 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1564 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1564/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1565 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1567 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1567/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1574 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1574/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1576 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1577 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1578 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1578/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1581 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1585 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1586 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1587 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1590 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1592 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1593 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1594 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8634 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8635 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8638 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8639 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0801 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0807 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0813 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0815 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0816 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0822 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0827 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0831 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0833 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0836 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2708 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2710 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2713 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2716 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2721 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2722 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2724 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2725 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2727 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2728 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2729 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2730 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2731 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2733 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2734 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2735 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2736 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2737 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2738 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2739 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2740 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2741 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2743 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4000 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4473 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4475 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4475/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4477 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4478 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4479 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4480 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4481 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4481/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4482 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4484 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4484/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4485 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4486 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4486/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4487 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4488 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4489 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4491 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4492 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4493 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4500 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4505 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4505/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4506 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4509 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4511 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4513 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4514 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4514/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4517 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4517/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4519 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4519/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4520 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4521 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4522 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7174 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7175 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7176 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7177 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7178 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7179 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7180 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7181 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7182 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7183 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7188 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7189 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7193 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7194 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7196 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7197 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7198 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7199 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7200 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7201 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7205 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7207 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7210 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7212 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7213 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7214 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7222 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7575 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1930 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1935 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1950 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1952 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1953 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1954 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1955 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1956 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1957 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1958 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1960 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1961 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1962 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1964 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1965 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1966 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1974 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1977 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1979 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2790 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2791 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2792 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2793 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2794 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2795 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2796 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2797 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2798 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2799 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2800 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2801 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2802 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2806 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2807 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2815 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2818 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2830 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2836 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2837 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2838 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2839 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5252 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5254 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5258 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5258/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5259 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5262 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5262/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5263 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5264 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5265 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5290 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5291 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5296 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5297 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5297/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-6354 page",
"url": "https://www.suse.com/security/cve/CVE-2016-6354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9066 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9079 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9079/"
}
],
"title": "MozillaThunderbird-45.5.1-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10230-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-45.5.1-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-45.5.1-1.1.aarch64",
"product_id": "MozillaThunderbird-45.5.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"product_id": "MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"product_id": "MozillaThunderbird-devel-45.5.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"product_id": "MozillaThunderbird-translations-common-45.5.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"product_id": "MozillaThunderbird-translations-other-45.5.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-45.5.1-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-45.5.1-1.1.ppc64le",
"product_id": "MozillaThunderbird-45.5.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"product_id": "MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"product_id": "MozillaThunderbird-devel-45.5.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"product_id": "MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"product_id": "MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-45.5.1-1.1.s390x",
"product": {
"name": "MozillaThunderbird-45.5.1-1.1.s390x",
"product_id": "MozillaThunderbird-45.5.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"product": {
"name": "MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"product_id": "MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-devel-45.5.1-1.1.s390x",
"product": {
"name": "MozillaThunderbird-devel-45.5.1-1.1.s390x",
"product_id": "MozillaThunderbird-devel-45.5.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"product_id": "MozillaThunderbird-translations-common-45.5.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"product_id": "MozillaThunderbird-translations-other-45.5.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-45.5.1-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-45.5.1-1.1.x86_64",
"product_id": "MozillaThunderbird-45.5.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"product_id": "MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"product_id": "MozillaThunderbird-devel-45.5.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"product_id": "MozillaThunderbird-translations-common-45.5.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-45.5.1-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-other-45.5.1-1.1.x86_64",
"product_id": "MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-45.5.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-45.5.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-45.5.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-45.5.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-45.5.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x"
},
"product_reference": "MozillaThunderbird-45.5.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-45.5.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-45.5.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x"
},
"product_reference": "MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-devel-45.5.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-devel-45.5.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-devel-45.5.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x"
},
"product_reference": "MozillaThunderbird-devel-45.5.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-devel-45.5.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-45.5.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-45.5.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-45.5.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-45.5.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-45.5.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-45.5.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-45.5.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-0040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0040"
}
],
"notes": [
{
"category": "general",
"text": "The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0040",
"url": "https://www.suse.com/security/cve/CVE-2009-0040"
},
{
"category": "external",
"summary": "SUSE Bug 472745 for CVE-2009-0040",
"url": "https://bugzilla.suse.com/472745"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0040",
"url": "https://bugzilla.suse.com/478625"
},
{
"category": "external",
"summary": "SUSE Bug 608040 for CVE-2009-0040",
"url": "https://bugzilla.suse.com/608040"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-0040"
},
{
"cve": "CVE-2009-0771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0771"
}
],
"notes": [
{
"category": "general",
"text": "The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0771",
"url": "https://www.suse.com/security/cve/CVE-2009-0771"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0771",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-0771"
},
{
"cve": "CVE-2009-0772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0772"
}
],
"notes": [
{
"category": "general",
"text": "The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0772",
"url": "https://www.suse.com/security/cve/CVE-2009-0772"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0772",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-0772"
},
{
"cve": "CVE-2009-0773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0773"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains \"some non-set elements,\" which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0773",
"url": "https://www.suse.com/security/cve/CVE-2009-0773"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0773",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-0773"
},
{
"cve": "CVE-2009-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0774"
}
],
"notes": [
{
"category": "general",
"text": "The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0774",
"url": "https://www.suse.com/security/cve/CVE-2009-0774"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0774",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-0774"
},
{
"cve": "CVE-2009-0776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0776"
}
],
"notes": [
{
"category": "general",
"text": "nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0776",
"url": "https://www.suse.com/security/cve/CVE-2009-0776"
},
{
"category": "external",
"summary": "SUSE Bug 465291 for CVE-2009-0776",
"url": "https://bugzilla.suse.com/465291"
},
{
"category": "external",
"summary": "SUSE Bug 478625 for CVE-2009-0776",
"url": "https://bugzilla.suse.com/478625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2009-0776"
},
{
"cve": "CVE-2009-1571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1571"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1571",
"url": "https://www.suse.com/security/cve/CVE-2009-1571"
},
{
"category": "external",
"summary": "SUSE Bug 576969 for CVE-2009-1571",
"url": "https://bugzilla.suse.com/576969"
},
{
"category": "external",
"summary": "SUSE Bug 581160 for CVE-2009-1571",
"url": "https://bugzilla.suse.com/581160"
},
{
"category": "external",
"summary": "SUSE Bug 584499 for CVE-2009-1571",
"url": "https://bugzilla.suse.com/584499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-1571"
},
{
"cve": "CVE-2009-3555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3555"
}
],
"notes": [
{
"category": "general",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3555",
"url": "https://www.suse.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "SUSE Bug 1077582 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/1077582"
},
{
"category": "external",
"summary": "SUSE Bug 459468 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/459468"
},
{
"category": "external",
"summary": "SUSE Bug 552497 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/552497"
},
{
"category": "external",
"summary": "SUSE Bug 553641 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/553641"
},
{
"category": "external",
"summary": "SUSE Bug 554069 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/554069"
},
{
"category": "external",
"summary": "SUSE Bug 554084 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/554084"
},
{
"category": "external",
"summary": "SUSE Bug 554085 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/554085"
},
{
"category": "external",
"summary": "SUSE Bug 555177 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/555177"
},
{
"category": "external",
"summary": "SUSE Bug 557168 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/557168"
},
{
"category": "external",
"summary": "SUSE Bug 564507 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/564507"
},
{
"category": "external",
"summary": "SUSE Bug 566041 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/566041"
},
{
"category": "external",
"summary": "SUSE Bug 584292 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/584292"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/586567"
},
{
"category": "external",
"summary": "SUSE Bug 588996 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/588996"
},
{
"category": "external",
"summary": "SUSE Bug 590826 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/590826"
},
{
"category": "external",
"summary": "SUSE Bug 592589 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/592589"
},
{
"category": "external",
"summary": "SUSE Bug 594415 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/594415"
},
{
"category": "external",
"summary": "SUSE Bug 604782 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/604782"
},
{
"category": "external",
"summary": "SUSE Bug 614753 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/614753"
},
{
"category": "external",
"summary": "SUSE Bug 622073 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/622073"
},
{
"category": "external",
"summary": "SUSE Bug 623905 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/623905"
},
{
"category": "external",
"summary": "SUSE Bug 629905 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/629905"
},
{
"category": "external",
"summary": "SUSE Bug 642531 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/642531"
},
{
"category": "external",
"summary": "SUSE Bug 646073 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/646073"
},
{
"category": "external",
"summary": "SUSE Bug 646906 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/646906"
},
{
"category": "external",
"summary": "SUSE Bug 648140 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/648140"
},
{
"category": "external",
"summary": "SUSE Bug 648950 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/648950"
},
{
"category": "external",
"summary": "SUSE Bug 659926 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/659926"
},
{
"category": "external",
"summary": "SUSE Bug 670152 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/670152"
},
{
"category": "external",
"summary": "SUSE Bug 704832 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/704832"
},
{
"category": "external",
"summary": "SUSE Bug 728876 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/728876"
},
{
"category": "external",
"summary": "SUSE Bug 729181 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/729181"
},
{
"category": "external",
"summary": "SUSE Bug 753357 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/753357"
},
{
"category": "external",
"summary": "SUSE Bug 791794 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/791794"
},
{
"category": "external",
"summary": "SUSE Bug 799454 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/799454"
},
{
"category": "external",
"summary": "SUSE Bug 815621 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/815621"
},
{
"category": "external",
"summary": "SUSE Bug 905347 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/905347"
},
{
"category": "external",
"summary": "SUSE Bug 979060 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/979060"
},
{
"category": "external",
"summary": "SUSE Bug 986238 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/986238"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3555"
},
{
"cve": "CVE-2010-0159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0159"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0159",
"url": "https://www.suse.com/security/cve/CVE-2010-0159"
},
{
"category": "external",
"summary": "SUSE Bug 576969 for CVE-2010-0159",
"url": "https://bugzilla.suse.com/576969"
},
{
"category": "external",
"summary": "SUSE Bug 581160 for CVE-2010-0159",
"url": "https://bugzilla.suse.com/581160"
},
{
"category": "external",
"summary": "SUSE Bug 584499 for CVE-2010-0159",
"url": "https://bugzilla.suse.com/584499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0159"
},
{
"cve": "CVE-2010-0173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0173"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0173",
"url": "https://www.suse.com/security/cve/CVE-2010-0173"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0173",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0173"
},
{
"cve": "CVE-2010-0174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0174"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0174",
"url": "https://www.suse.com/security/cve/CVE-2010-0174"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0174",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0174"
},
{
"cve": "CVE-2010-0175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0175"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0175",
"url": "https://www.suse.com/security/cve/CVE-2010-0175"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0175",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0175"
},
{
"cve": "CVE-2010-0176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0176"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a \"dangling pointer vulnerability.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0176",
"url": "https://www.suse.com/security/cve/CVE-2010-0176"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0176",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0176"
},
{
"cve": "CVE-2010-0182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0182"
}
],
"notes": [
{
"category": "general",
"text": "The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0182",
"url": "https://www.suse.com/security/cve/CVE-2010-0182"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2010-0182",
"url": "https://bugzilla.suse.com/586567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0182"
},
{
"cve": "CVE-2010-0654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0654"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0654",
"url": "https://www.suse.com/security/cve/CVE-2010-0654"
},
{
"category": "external",
"summary": "SUSE Bug 583603 for CVE-2010-0654",
"url": "https://bugzilla.suse.com/583603"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-0654",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0654"
},
{
"cve": "CVE-2010-1121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1121"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1121",
"url": "https://www.suse.com/security/cve/CVE-2010-1121"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1121",
"url": "https://bugzilla.suse.com/603356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1121"
},
{
"cve": "CVE-2010-1196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1196"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1196",
"url": "https://www.suse.com/security/cve/CVE-2010-1196"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1196",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1196",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1196"
},
{
"cve": "CVE-2010-1199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1199"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1199",
"url": "https://www.suse.com/security/cve/CVE-2010-1199"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1199",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1199",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1199"
},
{
"cve": "CVE-2010-1200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1200"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1200",
"url": "https://www.suse.com/security/cve/CVE-2010-1200"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1200",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1200",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1200"
},
{
"cve": "CVE-2010-1201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1201"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1201",
"url": "https://www.suse.com/security/cve/CVE-2010-1201"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1201",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1201",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1201"
},
{
"cve": "CVE-2010-1202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1202"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1202",
"url": "https://www.suse.com/security/cve/CVE-2010-1202"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1202",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1202",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1202"
},
{
"cve": "CVE-2010-1203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1203"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1203",
"url": "https://www.suse.com/security/cve/CVE-2010-1203"
},
{
"category": "external",
"summary": "SUSE Bug 603356 for CVE-2010-1203",
"url": "https://bugzilla.suse.com/603356"
},
{
"category": "external",
"summary": "SUSE Bug 617399 for CVE-2010-1203",
"url": "https://bugzilla.suse.com/617399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1203"
},
{
"cve": "CVE-2010-1205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1205"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1205",
"url": "https://www.suse.com/security/cve/CVE-2010-1205"
},
{
"category": "external",
"summary": "SUSE Bug 1188284 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/1188284"
},
{
"category": "external",
"summary": "SUSE Bug 617866 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/617866"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/622506"
},
{
"category": "external",
"summary": "SUSE Bug 639941 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/639941"
},
{
"category": "external",
"summary": "SUSE Bug 854395 for CVE-2010-1205",
"url": "https://bugzilla.suse.com/854395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1205"
},
{
"cve": "CVE-2010-1211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1211"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1211",
"url": "https://www.suse.com/security/cve/CVE-2010-1211"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1211",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1211"
},
{
"cve": "CVE-2010-1212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1212"
}
],
"notes": [
{
"category": "general",
"text": "js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) propagation of deep aborts in the TraceRecorder::record_JSOP_BINDNAME function, (2) depth handling in the TraceRecorder::record_JSOP_GETELEM function, and (3) tracing of out-of-range arguments in the TraceRecorder::record_JSOP_ARGSUB function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1212",
"url": "https://www.suse.com/security/cve/CVE-2010-1212"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1212",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1212"
},
{
"cve": "CVE-2010-1213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1213"
}
],
"notes": [
{
"category": "general",
"text": "The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1213",
"url": "https://www.suse.com/security/cve/CVE-2010-1213"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-1213",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1213"
},
{
"cve": "CVE-2010-1585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1585"
}
],
"notes": [
{
"category": "general",
"text": "The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1585",
"url": "https://www.suse.com/security/cve/CVE-2010-1585"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2010-1585",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2010-1585",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-1585"
},
{
"cve": "CVE-2010-2752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2752"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2752",
"url": "https://www.suse.com/security/cve/CVE-2010-2752"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-2752",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2752"
},
{
"cve": "CVE-2010-2753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2753"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2753",
"url": "https://www.suse.com/security/cve/CVE-2010-2753"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-2753",
"url": "https://bugzilla.suse.com/622506"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2753",
"url": "https://bugzilla.suse.com/637303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2753"
},
{
"cve": "CVE-2010-2754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2754"
}
],
"notes": [
{
"category": "general",
"text": "dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script\u0027s URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2754",
"url": "https://www.suse.com/security/cve/CVE-2010-2754"
},
{
"category": "external",
"summary": "SUSE Bug 622506 for CVE-2010-2754",
"url": "https://bugzilla.suse.com/622506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-2754"
},
{
"cve": "CVE-2010-2760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2760"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a \"dangling pointer vulnerability.\" NOTE: this issue exists because of an incomplete fix for CVE-2010-2753.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2760",
"url": "https://www.suse.com/security/cve/CVE-2010-2760"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2760",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2760",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2760"
},
{
"cve": "CVE-2010-2762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2762"
}
],
"notes": [
{
"category": "general",
"text": "The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2762",
"url": "https://www.suse.com/security/cve/CVE-2010-2762"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2762",
"url": "https://bugzilla.suse.com/637303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-2762"
},
{
"cve": "CVE-2010-2764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2764"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2764",
"url": "https://www.suse.com/security/cve/CVE-2010-2764"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2764",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2764",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2764"
},
{
"cve": "CVE-2010-2765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2765"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols (aka columns) attribute, leading to a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2765",
"url": "https://www.suse.com/security/cve/CVE-2010-2765"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2765",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2765",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2765"
},
{
"cve": "CVE-2010-2766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2766"
}
],
"notes": [
{
"category": "general",
"text": "The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code via vectors involving access to a deleted object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2766",
"url": "https://www.suse.com/security/cve/CVE-2010-2766"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2766",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2766",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2766"
},
{
"cve": "CVE-2010-2767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2767"
}
],
"notes": [
{
"category": "general",
"text": "The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a \"dangling pointer vulnerability.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2767",
"url": "https://www.suse.com/security/cve/CVE-2010-2767"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2767",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2767",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2767"
},
{
"cve": "CVE-2010-2768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2768"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document\u0027s charset, which allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms via UTF-7 encoding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2768",
"url": "https://www.suse.com/security/cve/CVE-2010-2768"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2768",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2768",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2768"
},
{
"cve": "CVE-2010-2769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2769"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2769",
"url": "https://www.suse.com/security/cve/CVE-2010-2769"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-2769",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-2769",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-2769"
},
{
"cve": "CVE-2010-3166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3166"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3166",
"url": "https://www.suse.com/security/cve/CVE-2010-3166"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-3166",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-3166",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3166"
},
{
"cve": "CVE-2010-3167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3167"
}
],
"notes": [
{
"category": "general",
"text": "The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a \"dangling pointer vulnerability.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3167",
"url": "https://www.suse.com/security/cve/CVE-2010-3167"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-3167",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-3167",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3167"
},
{
"cve": "CVE-2010-3168",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3168"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3168",
"url": "https://www.suse.com/security/cve/CVE-2010-3168"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-3168",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-3168",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3168"
},
{
"cve": "CVE-2010-3169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3169"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3169",
"url": "https://www.suse.com/security/cve/CVE-2010-3169"
},
{
"category": "external",
"summary": "SUSE Bug 637303 for CVE-2010-3169",
"url": "https://bugzilla.suse.com/637303"
},
{
"category": "external",
"summary": "SUSE Bug 638109 for CVE-2010-3169",
"url": "https://bugzilla.suse.com/638109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3169"
},
{
"cve": "CVE-2010-3170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3170"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject\u0027s Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3170",
"url": "https://www.suse.com/security/cve/CVE-2010-3170"
},
{
"category": "external",
"summary": "SUSE Bug 637290 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/637290"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/652858"
},
{
"category": "external",
"summary": "SUSE Bug 868629 for CVE-2010-3170",
"url": "https://bugzilla.suse.com/868629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3170"
},
{
"cve": "CVE-2010-3173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3173"
}
],
"notes": [
{
"category": "general",
"text": "The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3173",
"url": "https://www.suse.com/security/cve/CVE-2010-3173"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3173",
"url": "https://bugzilla.suse.com/645315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2010-3173"
},
{
"cve": "CVE-2010-3174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3174"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3174",
"url": "https://www.suse.com/security/cve/CVE-2010-3174"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3174",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3174",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3174"
},
{
"cve": "CVE-2010-3175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3175"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3175",
"url": "https://www.suse.com/security/cve/CVE-2010-3175"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3175",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3175",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3175"
},
{
"cve": "CVE-2010-3176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3176"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3176",
"url": "https://www.suse.com/security/cve/CVE-2010-3176"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3176",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3176",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3176"
},
{
"cve": "CVE-2010-3178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3178"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3178",
"url": "https://www.suse.com/security/cve/CVE-2010-3178"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3178",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3178",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3178"
},
{
"cve": "CVE-2010-3179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3179"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3179",
"url": "https://www.suse.com/security/cve/CVE-2010-3179"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3179",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3179",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3179"
},
{
"cve": "CVE-2010-3180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3180"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3180",
"url": "https://www.suse.com/security/cve/CVE-2010-3180"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3180",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3180",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3180"
},
{
"cve": "CVE-2010-3182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3182"
}
],
"notes": [
{
"category": "general",
"text": "A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3182",
"url": "https://www.suse.com/security/cve/CVE-2010-3182"
},
{
"category": "external",
"summary": "SUSE Bug 642502 for CVE-2010-3182",
"url": "https://bugzilla.suse.com/642502"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3182",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3182",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-3182"
},
{
"cve": "CVE-2010-3183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3183"
}
],
"notes": [
{
"category": "general",
"text": "The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a \"dangling pointer\" and the JS_ValueToId function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3183",
"url": "https://www.suse.com/security/cve/CVE-2010-3183"
},
{
"category": "external",
"summary": "SUSE Bug 645315 for CVE-2010-3183",
"url": "https://bugzilla.suse.com/645315"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3183",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3183"
},
{
"cve": "CVE-2010-3765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3765"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3765",
"url": "https://www.suse.com/security/cve/CVE-2010-3765"
},
{
"category": "external",
"summary": "SUSE Bug 649492 for CVE-2010-3765",
"url": "https://bugzilla.suse.com/649492"
},
{
"category": "external",
"summary": "SUSE Bug 652858 for CVE-2010-3765",
"url": "https://bugzilla.suse.com/652858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3765"
},
{
"cve": "CVE-2010-3768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3768"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system\u0027s font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3768",
"url": "https://www.suse.com/security/cve/CVE-2010-3768"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3768",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3768"
},
{
"cve": "CVE-2010-3769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3769"
}
],
"notes": [
{
"category": "general",
"text": "The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3769",
"url": "https://www.suse.com/security/cve/CVE-2010-3769"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3769",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3769"
},
{
"cve": "CVE-2010-3776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3776"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3776",
"url": "https://www.suse.com/security/cve/CVE-2010-3776"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3776",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3776"
},
{
"cve": "CVE-2010-3777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3777"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3777",
"url": "https://www.suse.com/security/cve/CVE-2010-3777"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3777",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3777"
},
{
"cve": "CVE-2010-3778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3778"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, Thunderbird before 3.0.11, and SeaMonkey before 2.0.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3778",
"url": "https://www.suse.com/security/cve/CVE-2010-3778"
},
{
"category": "external",
"summary": "SUSE Bug 657016 for CVE-2010-3778",
"url": "https://bugzilla.suse.com/657016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-3778"
},
{
"cve": "CVE-2011-0053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0053"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0053",
"url": "https://www.suse.com/security/cve/CVE-2011-0053"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2011-0053",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2011-0053",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0053"
},
{
"cve": "CVE-2011-0061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0061"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0061",
"url": "https://www.suse.com/security/cve/CVE-2011-0061"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2011-0061",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2011-0061",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0061"
},
{
"cve": "CVE-2011-0062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0062"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0062",
"url": "https://www.suse.com/security/cve/CVE-2011-0062"
},
{
"category": "external",
"summary": "SUSE Bug 667155 for CVE-2011-0062",
"url": "https://bugzilla.suse.com/667155"
},
{
"category": "external",
"summary": "SUSE Bug 679570 for CVE-2011-0062",
"url": "https://bugzilla.suse.com/679570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0062"
},
{
"cve": "CVE-2011-0069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0069"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0069",
"url": "https://www.suse.com/security/cve/CVE-2011-0069"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0069",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0069"
},
{
"cve": "CVE-2011-0070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0070"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0070",
"url": "https://www.suse.com/security/cve/CVE-2011-0070"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0070",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0070"
},
{
"cve": "CVE-2011-0072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0072"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0072",
"url": "https://www.suse.com/security/cve/CVE-2011-0072"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0072",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0072"
},
{
"cve": "CVE-2011-0074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0074"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0074",
"url": "https://www.suse.com/security/cve/CVE-2011-0074"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0074",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0074"
},
{
"cve": "CVE-2011-0075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0075"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0077, and CVE-2011-0078.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0075",
"url": "https://www.suse.com/security/cve/CVE-2011-0075"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0075",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0075"
},
{
"cve": "CVE-2011-0077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0077"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0078.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0077",
"url": "https://www.suse.com/security/cve/CVE-2011-0077"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0077",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0077"
},
{
"cve": "CVE-2011-0078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0078"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0077.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0078",
"url": "https://www.suse.com/security/cve/CVE-2011-0078"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0078",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0078"
},
{
"cve": "CVE-2011-0080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0080"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0080",
"url": "https://www.suse.com/security/cve/CVE-2011-0080"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0080",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0080"
},
{
"cve": "CVE-2011-0081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0081"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x before 4.0.1, and Thunderbird 3.1.x before 3.1.10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0081",
"url": "https://www.suse.com/security/cve/CVE-2011-0081"
},
{
"category": "external",
"summary": "SUSE Bug 689281 for CVE-2011-0081",
"url": "https://bugzilla.suse.com/689281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0081"
},
{
"cve": "CVE-2011-0083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0083"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0083",
"url": "https://www.suse.com/security/cve/CVE-2011-0083"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-0083",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0083"
},
{
"cve": "CVE-2011-0084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0084"
}
],
"notes": [
{
"category": "general",
"text": "The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a \"dangling pointer.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0084",
"url": "https://www.suse.com/security/cve/CVE-2011-0084"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-0084",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0084"
},
{
"cve": "CVE-2011-0085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-0085"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the current command updater.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-0085",
"url": "https://www.suse.com/security/cve/CVE-2011-0085"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-0085",
"url": "https://bugzilla.suse.com/701296"
},
{
"category": "external",
"summary": "SUSE Bug 701995 for CVE-2011-0085",
"url": "https://bugzilla.suse.com/701995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-0085"
},
{
"cve": "CVE-2011-1187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-1187"
}
],
"notes": [
{
"category": "general",
"text": "Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an \"error message leak.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-1187",
"url": "https://www.suse.com/security/cve/CVE-2011-1187"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2011-1187",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-1187"
},
{
"cve": "CVE-2011-2362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2362"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2362",
"url": "https://www.suse.com/security/cve/CVE-2011-2362"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2362",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2362"
},
{
"cve": "CVE-2011-2363",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2363"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2363",
"url": "https://www.suse.com/security/cve/CVE-2011-2363"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2363",
"url": "https://bugzilla.suse.com/701296"
},
{
"category": "external",
"summary": "SUSE Bug 702020 for CVE-2011-2363",
"url": "https://bugzilla.suse.com/702020"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2363"
},
{
"cve": "CVE-2011-2364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2364"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2365.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2364",
"url": "https://www.suse.com/security/cve/CVE-2011-2364"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2364",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2364"
},
{
"cve": "CVE-2011-2365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2365"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2365",
"url": "https://www.suse.com/security/cve/CVE-2011-2365"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2365",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2365"
},
{
"cve": "CVE-2011-2371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2371"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2371",
"url": "https://www.suse.com/security/cve/CVE-2011-2371"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2371",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2371"
},
{
"cve": "CVE-2011-2372",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2372"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2372",
"url": "https://www.suse.com/security/cve/CVE-2011-2372"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-2372",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2372"
},
{
"cve": "CVE-2011-2373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2373"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2373",
"url": "https://www.suse.com/security/cve/CVE-2011-2373"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2373",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-2373"
},
{
"cve": "CVE-2011-2374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2374"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2374",
"url": "https://www.suse.com/security/cve/CVE-2011-2374"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2374",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2374"
},
{
"cve": "CVE-2011-2376",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2376"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2376",
"url": "https://www.suse.com/security/cve/CVE-2011-2376"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2376",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2376"
},
{
"cve": "CVE-2011-2377",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2377"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2377",
"url": "https://www.suse.com/security/cve/CVE-2011-2377"
},
{
"category": "external",
"summary": "SUSE Bug 701296 for CVE-2011-2377",
"url": "https://bugzilla.suse.com/701296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2377"
},
{
"cve": "CVE-2011-2985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2985"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2985",
"url": "https://www.suse.com/security/cve/CVE-2011-2985"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2985",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2985"
},
{
"cve": "CVE-2011-2986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2986"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2986",
"url": "https://www.suse.com/security/cve/CVE-2011-2986"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2986",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-2986"
},
{
"cve": "CVE-2011-2987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2987"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in Almost Native Graphics Layer Engine (ANGLE), as used in the WebGL implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products might allow remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2987",
"url": "https://www.suse.com/security/cve/CVE-2011-2987"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2987",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2987"
},
{
"cve": "CVE-2011-2988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2988"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2988",
"url": "https://www.suse.com/security/cve/CVE-2011-2988"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2988",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2988"
},
{
"cve": "CVE-2011-2989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2989"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2989",
"url": "https://www.suse.com/security/cve/CVE-2011-2989"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2989",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2989"
},
{
"cve": "CVE-2011-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2991"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2991",
"url": "https://www.suse.com/security/cve/CVE-2011-2991"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2991",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2991"
},
{
"cve": "CVE-2011-2992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2992"
}
],
"notes": [
{
"category": "general",
"text": "The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2992",
"url": "https://www.suse.com/security/cve/CVE-2011-2992"
},
{
"category": "external",
"summary": "SUSE Bug 712224 for CVE-2011-2992",
"url": "https://bugzilla.suse.com/712224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2992"
},
{
"cve": "CVE-2011-3000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3000"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3000",
"url": "https://www.suse.com/security/cve/CVE-2011-3000"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3000",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3000"
},
{
"cve": "CVE-2011-3001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3001"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3001",
"url": "https://www.suse.com/security/cve/CVE-2011-3001"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3001",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3001"
},
{
"cve": "CVE-2011-3005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3005"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3005",
"url": "https://www.suse.com/security/cve/CVE-2011-3005"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3005",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3005"
},
{
"cve": "CVE-2011-3026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3026"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3026",
"url": "https://www.suse.com/security/cve/CVE-2011-3026"
},
{
"category": "external",
"summary": "SUSE Bug 747311 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/747311"
},
{
"category": "external",
"summary": "SUSE Bug 747327 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/747327"
},
{
"category": "external",
"summary": "SUSE Bug 747328 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/747328"
},
{
"category": "external",
"summary": "SUSE Bug 773612 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/773612"
},
{
"category": "external",
"summary": "SUSE Bug 854395 for CVE-2011-3026",
"url": "https://bugzilla.suse.com/854395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-3026"
},
{
"cve": "CVE-2011-3062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3062"
}
],
"notes": [
{
"category": "general",
"text": "Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3062",
"url": "https://www.suse.com/security/cve/CVE-2011-3062"
},
{
"category": "external",
"summary": "SUSE Bug 754458 for CVE-2011-3062",
"url": "https://bugzilla.suse.com/754458"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2011-3062",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3062"
},
{
"cve": "CVE-2011-3079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3079"
}
],
"notes": [
{
"category": "general",
"text": "The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3079",
"url": "https://www.suse.com/security/cve/CVE-2011-3079"
},
{
"category": "external",
"summary": "SUSE Bug 1122983 for CVE-2011-3079",
"url": "https://bugzilla.suse.com/1122983"
},
{
"category": "external",
"summary": "SUSE Bug 760264 for CVE-2011-3079",
"url": "https://bugzilla.suse.com/760264"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2011-3079",
"url": "https://bugzilla.suse.com/930622"
},
{
"category": "external",
"summary": "SUSE Bug 986639 for CVE-2011-3079",
"url": "https://bugzilla.suse.com/986639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3079"
},
{
"cve": "CVE-2011-3101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3101"
}
],
"notes": [
{
"category": "general",
"text": "Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3101",
"url": "https://www.suse.com/security/cve/CVE-2011-3101"
},
{
"category": "external",
"summary": "SUSE Bug 762481 for CVE-2011-3101",
"url": "https://bugzilla.suse.com/762481"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2011-3101",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3101"
},
{
"cve": "CVE-2011-3232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3232"
}
],
"notes": [
{
"category": "general",
"text": "YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, and SeaMonkey before 2.4, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3232",
"url": "https://www.suse.com/security/cve/CVE-2011-3232"
},
{
"category": "external",
"summary": "SUSE Bug 720264 for CVE-2011-3232",
"url": "https://bugzilla.suse.com/720264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3232"
},
{
"cve": "CVE-2011-3648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3648"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3648",
"url": "https://www.suse.com/security/cve/CVE-2011-3648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3648"
},
{
"cve": "CVE-2011-3650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3650"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3650",
"url": "https://www.suse.com/security/cve/CVE-2011-3650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3650"
},
{
"cve": "CVE-2011-3651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3651"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3651",
"url": "https://www.suse.com/security/cve/CVE-2011-3651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3651"
},
{
"cve": "CVE-2011-3652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3652"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3652",
"url": "https://www.suse.com/security/cve/CVE-2011-3652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3652"
},
{
"cve": "CVE-2011-3654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3654"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3654",
"url": "https://www.suse.com/security/cve/CVE-2011-3654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3654"
},
{
"cve": "CVE-2011-3655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3655"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3655",
"url": "https://www.suse.com/security/cve/CVE-2011-3655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3655"
},
{
"cve": "CVE-2011-3658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3658"
}
],
"notes": [
{
"category": "general",
"text": "The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3658",
"url": "https://www.suse.com/security/cve/CVE-2011-3658"
},
{
"category": "external",
"summary": "SUSE Bug 737533 for CVE-2011-3658",
"url": "https://bugzilla.suse.com/737533"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2011-3658",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2011-3658",
"url": "https://bugzilla.suse.com/750044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-3658"
},
{
"cve": "CVE-2011-3659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3659"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3659",
"url": "https://www.suse.com/security/cve/CVE-2011-3659"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2011-3659",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3659"
},
{
"cve": "CVE-2011-3660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3660"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3660",
"url": "https://www.suse.com/security/cve/CVE-2011-3660"
},
{
"category": "external",
"summary": "SUSE Bug 737533 for CVE-2011-3660",
"url": "https://bugzilla.suse.com/737533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-3660"
},
{
"cve": "CVE-2011-3661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3661"
}
],
"notes": [
{
"category": "general",
"text": "YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3661",
"url": "https://www.suse.com/security/cve/CVE-2011-3661"
},
{
"category": "external",
"summary": "SUSE Bug 737533 for CVE-2011-3661",
"url": "https://bugzilla.suse.com/737533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-3661"
},
{
"cve": "CVE-2011-3663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3663"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3663",
"url": "https://www.suse.com/security/cve/CVE-2011-3663"
},
{
"category": "external",
"summary": "SUSE Bug 737533 for CVE-2011-3663",
"url": "https://bugzilla.suse.com/737533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3663"
},
{
"cve": "CVE-2012-0441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0441"
}
],
"notes": [
{
"category": "general",
"text": "The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0441",
"url": "https://www.suse.com/security/cve/CVE-2012-0441"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-0441",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0441"
},
{
"cve": "CVE-2012-0442",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0442"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0442",
"url": "https://www.suse.com/security/cve/CVE-2012-0442"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0442",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0442"
},
{
"cve": "CVE-2012-0443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0443"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0443",
"url": "https://www.suse.com/security/cve/CVE-2012-0443"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0443",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0443"
},
{
"cve": "CVE-2012-0444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0444"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0444",
"url": "https://www.suse.com/security/cve/CVE-2012-0444"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0444",
"url": "https://bugzilla.suse.com/744275"
},
{
"category": "external",
"summary": "SUSE Bug 747912 for CVE-2012-0444",
"url": "https://bugzilla.suse.com/747912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0444"
},
{
"cve": "CVE-2012-0445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0445"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame\u0027s name attribute.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0445",
"url": "https://www.suse.com/security/cve/CVE-2012-0445"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0445",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0445"
},
{
"cve": "CVE-2012-0446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0446"
}
],
"notes": [
{
"category": "general",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0446",
"url": "https://www.suse.com/security/cve/CVE-2012-0446"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0446",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0446"
},
{
"cve": "CVE-2012-0447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0447"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG image that was created through conversion from an ICO image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0447",
"url": "https://www.suse.com/security/cve/CVE-2012-0447"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0447",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0447"
},
{
"cve": "CVE-2012-0449",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0449"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0449",
"url": "https://www.suse.com/security/cve/CVE-2012-0449"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0449",
"url": "https://bugzilla.suse.com/744275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0449"
},
{
"cve": "CVE-2012-0451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0451"
}
],
"notes": [
{
"category": "general",
"text": "CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote web servers to bypass intended Content Security Policy (CSP) restrictions and possibly conduct cross-site scripting (XSS) attacks via crafted HTTP headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0451",
"url": "https://www.suse.com/security/cve/CVE-2012-0451"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0451",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0451",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0451",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0451"
},
{
"cve": "CVE-2012-0452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0452"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector\u0027s access to a hash table containing a stale XBL binding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0452",
"url": "https://www.suse.com/security/cve/CVE-2012-0452"
},
{
"category": "external",
"summary": "SUSE Bug 746616 for CVE-2012-0452",
"url": "https://bugzilla.suse.com/746616"
},
{
"category": "external",
"summary": "SUSE Bug 746663 for CVE-2012-0452",
"url": "https://bugzilla.suse.com/746663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0452"
},
{
"cve": "CVE-2012-0455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0455"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a \"DragAndDropJacking\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0455",
"url": "https://www.suse.com/security/cve/CVE-2012-0455"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0455",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0455",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0455",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0455"
},
{
"cve": "CVE-2012-0456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0456"
}
],
"notes": [
{
"category": "general",
"text": "The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0456",
"url": "https://www.suse.com/security/cve/CVE-2012-0456"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0456",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0456",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0456",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0456"
},
{
"cve": "CVE-2012-0457",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0457"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to execute arbitrary code via an SVG animation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0457",
"url": "https://www.suse.com/security/cve/CVE-2012-0457"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0457",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0457",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0457",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0457"
},
{
"cve": "CVE-2012-0458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0458"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page through the dragging of a URL to the home button, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a javascript: URL that is later interpreted in the about:sessionrestore context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0458",
"url": "https://www.suse.com/security/cve/CVE-2012-0458"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0458",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0458",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0458",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0458"
},
{
"cve": "CVE-2012-0459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0459"
}
],
"notes": [
{
"category": "general",
"text": "The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via dynamic modification of a keyframe followed by access to the cssText of the keyframe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0459",
"url": "https://www.suse.com/security/cve/CVE-2012-0459"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0459",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0459",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0459",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0459"
},
{
"cve": "CVE-2012-0460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0460"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote attackers to spoof the user interface via a crafted web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0460",
"url": "https://www.suse.com/security/cve/CVE-2012-0460"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0460",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0460",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0460",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0460"
},
{
"cve": "CVE-2012-0461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0461"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0461",
"url": "https://www.suse.com/security/cve/CVE-2012-0461"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0461",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0461",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0461",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0461"
},
{
"cve": "CVE-2012-0462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0462"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0462",
"url": "https://www.suse.com/security/cve/CVE-2012-0462"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0462",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0462",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0462",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0462"
},
{
"cve": "CVE-2012-0463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0463"
}
],
"notes": [
{
"category": "general",
"text": "The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 does not check the validity of an instance after event dispatching, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, as demonstrated by Mobile Firefox on Android.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0463",
"url": "https://www.suse.com/security/cve/CVE-2012-0463"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0463",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0463",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0463",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0463"
},
{
"cve": "CVE-2012-0464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0464"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code via vectors involving an empty argument to the array.join function in conjunction with the triggering of garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0464",
"url": "https://www.suse.com/security/cve/CVE-2012-0464"
},
{
"category": "external",
"summary": "SUSE Bug 746591 for CVE-2012-0464",
"url": "https://bugzilla.suse.com/746591"
},
{
"category": "external",
"summary": "SUSE Bug 750044 for CVE-2012-0464",
"url": "https://bugzilla.suse.com/750044"
},
{
"category": "external",
"summary": "SUSE Bug 752168 for CVE-2012-0464",
"url": "https://bugzilla.suse.com/752168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-0464"
},
{
"cve": "CVE-2012-0467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0467"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0467",
"url": "https://www.suse.com/security/cve/CVE-2012-0467"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0467",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0467"
},
{
"cve": "CVE-2012-0468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0468"
}
],
"notes": [
{
"category": "general",
"text": "The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0468",
"url": "https://www.suse.com/security/cve/CVE-2012-0468"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0468",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0468"
},
{
"cve": "CVE-2012-0469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0469"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to execute arbitrary code via vectors related to crafted IndexedDB data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0469",
"url": "https://www.suse.com/security/cve/CVE-2012-0469"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0469",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0469"
},
{
"cve": "CVE-2012-0470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0470"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of \"different number systems.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0470",
"url": "https://www.suse.com/security/cve/CVE-2012-0470"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0470",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0470"
},
{
"cve": "CVE-2012-0471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0471"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0471",
"url": "https://www.suse.com/security/cve/CVE-2012-0471"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0471",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0471"
},
{
"cve": "CVE-2012-0472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0472"
}
],
"notes": [
{
"category": "general",
"text": "The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-rendering attempts, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0472",
"url": "https://www.suse.com/security/cve/CVE-2012-0472"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0472",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0472"
},
{
"cve": "CVE-2012-0473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0473"
}
],
"notes": [
{
"category": "general",
"text": "The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0473",
"url": "https://www.suse.com/security/cve/CVE-2012-0473"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0473",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0473"
},
{
"cve": "CVE-2012-0474",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0474"
}
],
"notes": [
{
"category": "general",
"text": "Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka \"Universal XSS (UXSS).\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0474",
"url": "https://www.suse.com/security/cve/CVE-2012-0474"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0474",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0474"
},
{
"cve": "CVE-2012-0475",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0475"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involving a nonstandard port number and an IPv6 address that contains certain zero fields.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0475",
"url": "https://www.suse.com/security/cve/CVE-2012-0475"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0475",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0475"
},
{
"cve": "CVE-2012-0477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0477"
}
],
"notes": [
{
"category": "general",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ISO-2022-KR or (2) ISO-2022-CN character set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0477",
"url": "https://www.suse.com/security/cve/CVE-2012-0477"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0477",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0477"
},
{
"cve": "CVE-2012-0478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0478"
}
],
"notes": [
{
"category": "general",
"text": "The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0478",
"url": "https://www.suse.com/security/cve/CVE-2012-0478"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0478",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0478"
},
{
"cve": "CVE-2012-0479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0479"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0479",
"url": "https://www.suse.com/security/cve/CVE-2012-0479"
},
{
"category": "external",
"summary": "SUSE Bug 758408 for CVE-2012-0479",
"url": "https://bugzilla.suse.com/758408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0479"
},
{
"cve": "CVE-2012-0759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0759"
}
],
"notes": [
{
"category": "general",
"text": "Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0771.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0759",
"url": "https://www.suse.com/security/cve/CVE-2012-0759"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2012-0759",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0759"
},
{
"cve": "CVE-2012-1937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1937"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1937",
"url": "https://www.suse.com/security/cve/CVE-2012-1937"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1937",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1937"
},
{
"cve": "CVE-2012-1938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1938"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1938",
"url": "https://www.suse.com/security/cve/CVE-2012-1938"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1938",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1938"
},
{
"cve": "CVE-2012-1940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1940"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1940",
"url": "https://www.suse.com/security/cve/CVE-2012-1940"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1940",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1940"
},
{
"cve": "CVE-2012-1941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1941"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1941",
"url": "https://www.suse.com/security/cve/CVE-2012-1941"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1941",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1941"
},
{
"cve": "CVE-2012-1944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1944"
}
],
"notes": [
{
"category": "general",
"text": "The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1944",
"url": "https://www.suse.com/security/cve/CVE-2012-1944"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1944",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1944"
},
{
"cve": "CVE-2012-1945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1945"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1945",
"url": "https://www.suse.com/security/cve/CVE-2012-1945"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1945",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1945"
},
{
"cve": "CVE-2012-1946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1946"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1946",
"url": "https://www.suse.com/security/cve/CVE-2012-1946"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1946",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1946"
},
{
"cve": "CVE-2012-1947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1947"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1947",
"url": "https://www.suse.com/security/cve/CVE-2012-1947"
},
{
"category": "external",
"summary": "SUSE Bug 765204 for CVE-2012-1947",
"url": "https://bugzilla.suse.com/765204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1947"
},
{
"cve": "CVE-2012-1948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1948"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1948",
"url": "https://www.suse.com/security/cve/CVE-2012-1948"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1948",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1948"
},
{
"cve": "CVE-2012-1949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1949"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1949",
"url": "https://www.suse.com/security/cve/CVE-2012-1949"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1949",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1949"
},
{
"cve": "CVE-2012-1951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1951"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1951",
"url": "https://www.suse.com/security/cve/CVE-2012-1951"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1951",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1951"
},
{
"cve": "CVE-2012-1952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1952"
}
],
"notes": [
{
"category": "general",
"text": "The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1952",
"url": "https://www.suse.com/security/cve/CVE-2012-1952"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1952",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1952"
},
{
"cve": "CVE-2012-1953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1953"
}
],
"notes": [
{
"category": "general",
"text": "The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1953",
"url": "https://www.suse.com/security/cve/CVE-2012-1953"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1953",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1953"
},
{
"cve": "CVE-2012-1954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1954"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1954",
"url": "https://www.suse.com/security/cve/CVE-2012-1954"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1954",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1954"
},
{
"cve": "CVE-2012-1955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1955"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1955",
"url": "https://www.suse.com/security/cve/CVE-2012-1955"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1955",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1955"
},
{
"cve": "CVE-2012-1956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1956"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1956",
"url": "https://www.suse.com/security/cve/CVE-2012-1956"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1956",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1956"
},
{
"cve": "CVE-2012-1957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1957"
}
],
"notes": [
{
"category": "general",
"text": "An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1957",
"url": "https://www.suse.com/security/cve/CVE-2012-1957"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1957",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1957"
},
{
"cve": "CVE-2012-1958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1958"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1958",
"url": "https://www.suse.com/security/cve/CVE-2012-1958"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1958",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1958"
},
{
"cve": "CVE-2012-1959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1959"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-compartment wrapping of objects, which allows remote attackers to bypass intended XBL access restrictions via crafted content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1959",
"url": "https://www.suse.com/security/cve/CVE-2012-1959"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1959",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1959"
},
{
"cve": "CVE-2012-1960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1960"
}
],
"notes": [
{
"category": "general",
"text": "The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1960",
"url": "https://www.suse.com/security/cve/CVE-2012-1960"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1960",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1960"
},
{
"cve": "CVE-2012-1961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1961"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1961",
"url": "https://www.suse.com/security/cve/CVE-2012-1961"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1961",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1961"
},
{
"cve": "CVE-2012-1962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1962"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1962",
"url": "https://www.suse.com/security/cve/CVE-2012-1962"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1962",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1962"
},
{
"cve": "CVE-2012-1963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1963"
}
],
"notes": [
{
"category": "general",
"text": "The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1963",
"url": "https://www.suse.com/security/cve/CVE-2012-1963"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1963",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1963"
},
{
"cve": "CVE-2012-1967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1967"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1967",
"url": "https://www.suse.com/security/cve/CVE-2012-1967"
},
{
"category": "external",
"summary": "SUSE Bug 771583 for CVE-2012-1967",
"url": "https://bugzilla.suse.com/771583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1967"
},
{
"cve": "CVE-2012-1970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1970"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1970",
"url": "https://www.suse.com/security/cve/CVE-2012-1970"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1970",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1970"
},
{
"cve": "CVE-2012-1972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1972"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1972",
"url": "https://www.suse.com/security/cve/CVE-2012-1972"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1972",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1972"
},
{
"cve": "CVE-2012-1973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1973"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1973",
"url": "https://www.suse.com/security/cve/CVE-2012-1973"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1973",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1973"
},
{
"cve": "CVE-2012-1974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1974"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1974",
"url": "https://www.suse.com/security/cve/CVE-2012-1974"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1974",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1974"
},
{
"cve": "CVE-2012-1975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1975"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1975",
"url": "https://www.suse.com/security/cve/CVE-2012-1975"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1975",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1975"
},
{
"cve": "CVE-2012-1976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1976"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1976",
"url": "https://www.suse.com/security/cve/CVE-2012-1976"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-1976",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-1976"
},
{
"cve": "CVE-2012-3956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3956"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3956",
"url": "https://www.suse.com/security/cve/CVE-2012-3956"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3956",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3956"
},
{
"cve": "CVE-2012-3957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3957"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3957",
"url": "https://www.suse.com/security/cve/CVE-2012-3957"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3957",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3957"
},
{
"cve": "CVE-2012-3958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3958"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLEditRules::DeleteNonTableElements function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3958",
"url": "https://www.suse.com/security/cve/CVE-2012-3958"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3958",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3958"
},
{
"cve": "CVE-2012-3959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3959"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3959",
"url": "https://www.suse.com/security/cve/CVE-2012-3959"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3959",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3959"
},
{
"cve": "CVE-2012-3960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3960"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3960",
"url": "https://www.suse.com/security/cve/CVE-2012-3960"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3960",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3960"
},
{
"cve": "CVE-2012-3961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3961"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3961",
"url": "https://www.suse.com/security/cve/CVE-2012-3961"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3961",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3961"
},
{
"cve": "CVE-2012-3962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3962"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute arbitrary code via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3962",
"url": "https://www.suse.com/security/cve/CVE-2012-3962"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3962",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3962"
},
{
"cve": "CVE-2012-3963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3963"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3963",
"url": "https://www.suse.com/security/cve/CVE-2012-3963"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3963",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3963"
},
{
"cve": "CVE-2012-3964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3964"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the gfxTextRun::GetUserData function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3964",
"url": "https://www.suse.com/security/cve/CVE-2012-3964"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3964",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3964"
},
{
"cve": "CVE-2012-3966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3966"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a negative height value in a BMP image within a .ICO file, related to (1) improper handling of the transparency bitmask by the nsICODecoder component and (2) improper processing of the alpha channel by the nsBMPDecoder component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3966",
"url": "https://www.suse.com/security/cve/CVE-2012-3966"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3966",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3966"
},
{
"cve": "CVE-2012-3967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3967"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3967",
"url": "https://www.suse.com/security/cve/CVE-2012-3967"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3967",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3967"
},
{
"cve": "CVE-2012-3968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3968"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a fragment shader by its accessor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3968",
"url": "https://www.suse.com/security/cve/CVE-2012-3968"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3968",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3968"
},
{
"cve": "CVE-2012-3969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3969"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via a crafted SVG filter that triggers an incorrect sum calculation, leading to a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3969",
"url": "https://www.suse.com/security/cve/CVE-2012-3969"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3969",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3969"
},
{
"cve": "CVE-2012-3970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3970"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving movement of a requiredFeatures attribute from one SVG document to another.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3970",
"url": "https://www.suse.com/security/cve/CVE-2012-3970"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3970",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3970"
},
{
"cve": "CVE-2012-3971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3971"
}
],
"notes": [
{
"category": "general",
"text": "Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3971",
"url": "https://www.suse.com/security/cve/CVE-2012-3971"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3971",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3971"
},
{
"cve": "CVE-2012-3972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3972"
}
],
"notes": [
{
"category": "general",
"text": "The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3972",
"url": "https://www.suse.com/security/cve/CVE-2012-3972"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3972",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3972"
},
{
"cve": "CVE-2012-3975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3975"
}
],
"notes": [
{
"category": "general",
"text": "The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 loads subresources during parsing of text/html data within an extension, which allows remote attackers to obtain sensitive information by providing crafted data to privileged extension code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3975",
"url": "https://www.suse.com/security/cve/CVE-2012-3975"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3975",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3975"
},
{
"cve": "CVE-2012-3978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3978"
}
],
"notes": [
{
"category": "general",
"text": "The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location object, which allows remote attackers to bypass intended content-loading restrictions or possibly have unspecified other impact via vectors involving chrome code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3978",
"url": "https://www.suse.com/security/cve/CVE-2012-3978"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3978",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3978"
},
{
"cve": "CVE-2012-3980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3980"
}
],
"notes": [
{
"category": "general",
"text": "The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that injects this code and triggers an eval operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3980",
"url": "https://www.suse.com/security/cve/CVE-2012-3980"
},
{
"category": "external",
"summary": "SUSE Bug 777588 for CVE-2012-3980",
"url": "https://bugzilla.suse.com/777588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3980"
},
{
"cve": "CVE-2012-3982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3982"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3982",
"url": "https://www.suse.com/security/cve/CVE-2012-3982"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3982",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3982"
},
{
"cve": "CVE-2012-3983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3983"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3983",
"url": "https://www.suse.com/security/cve/CVE-2012-3983"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3983",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3983"
},
{
"cve": "CVE-2012-3984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3984"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element\u0027s menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3984",
"url": "https://www.suse.com/security/cve/CVE-2012-3984"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3984",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3984"
},
{
"cve": "CVE-2012-3985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3985"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly implement the HTML5 Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging initial-origin access after document.domain has been set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3985",
"url": "https://www.suse.com/security/cve/CVE-2012-3985"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3985",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3985"
},
{
"cve": "CVE-2012-3986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3986"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3986",
"url": "https://www.suse.com/security/cve/CVE-2012-3986"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3986",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3986"
},
{
"cve": "CVE-2012-3988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3988"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScreen to enter full-screen mode, and use of the history.back method for backwards history navigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3988",
"url": "https://www.suse.com/security/cve/CVE-2012-3988"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3988",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3988"
},
{
"cve": "CVE-2012-3989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3989"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly perform a cast of an unspecified variable during use of the instanceof operator on a JavaScript object, which allows remote attackers to execute arbitrary code or cause a denial of service (assertion failure) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3989",
"url": "https://www.suse.com/security/cve/CVE-2012-3989"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3989",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3989"
},
{
"cve": "CVE-2012-3990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3990"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors, related to the nsIContent::GetNameSpaceID function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3990",
"url": "https://www.suse.com/security/cve/CVE-2012-3990"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3990",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3990"
},
{
"cve": "CVE-2012-3991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3991"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to bypass the Same Origin Policy and possibly have unspecified other impact via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3991",
"url": "https://www.suse.com/security/cve/CVE-2012-3991"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3991",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3991"
},
{
"cve": "CVE-2012-3992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3992"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive POST content via vectors involving a location.hash write operation and history navigation that triggers the loading of a URL into the history object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3992",
"url": "https://www.suse.com/security/cve/CVE-2012-3992"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3992",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3992"
},
{
"cve": "CVE-2012-3993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3993"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site, related to an \"XrayWrapper pollution\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3993",
"url": "https://www.suse.com/security/cve/CVE-2012-3993"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3993",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3993"
},
{
"cve": "CVE-2012-3994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3994"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3994",
"url": "https://www.suse.com/security/cve/CVE-2012-3994"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3994",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3994"
},
{
"cve": "CVE-2012-3995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3995"
}
],
"notes": [
{
"category": "general",
"text": "The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3995",
"url": "https://www.suse.com/security/cve/CVE-2012-3995"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-3995",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-3995"
},
{
"cve": "CVE-2012-4179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4179"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4179",
"url": "https://www.suse.com/security/cve/CVE-2012-4179"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4179",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4179"
},
{
"cve": "CVE-2012-4180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4180"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4180",
"url": "https://www.suse.com/security/cve/CVE-2012-4180"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4180",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4180"
},
{
"cve": "CVE-2012-4181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4181"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsSMILAnimationController::DoSample function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4181",
"url": "https://www.suse.com/security/cve/CVE-2012-4181"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4181",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4181"
},
{
"cve": "CVE-2012-4182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4182"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4182",
"url": "https://www.suse.com/security/cve/CVE-2012-4182"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4182",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4182"
},
{
"cve": "CVE-2012-4183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4183"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4183",
"url": "https://www.suse.com/security/cve/CVE-2012-4183"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4183",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4183"
},
{
"cve": "CVE-2012-4184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4184"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4184",
"url": "https://www.suse.com/security/cve/CVE-2012-4184"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4184",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4184"
},
{
"cve": "CVE-2012-4185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4185"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4185",
"url": "https://www.suse.com/security/cve/CVE-2012-4185"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4185",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4185"
},
{
"cve": "CVE-2012-4186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4186"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4186",
"url": "https://www.suse.com/security/cve/CVE-2012-4186"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4186",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4186"
},
{
"cve": "CVE-2012-4187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4187"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4187",
"url": "https://www.suse.com/security/cve/CVE-2012-4187"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4187",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4187"
},
{
"cve": "CVE-2012-4188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4188"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4188",
"url": "https://www.suse.com/security/cve/CVE-2012-4188"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4188",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4188"
},
{
"cve": "CVE-2012-4191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4191"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::net::FailDelayManager::Lookup function in the WebSockets implementation in Mozilla Firefox before 16.0.1, Thunderbird before 16.0.1, and SeaMonkey before 2.13.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4191",
"url": "https://www.suse.com/security/cve/CVE-2012-4191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4191"
},
{
"cve": "CVE-2012-4192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4192"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow remote attackers to bypass the Same Origin Policy and read the properties of a Location object via a crafted web site, a related issue to CVE-2012-4193.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4192",
"url": "https://www.suse.com/security/cve/CVE-2012-4192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4192"
},
{
"cve": "CVE-2012-4193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4193"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4193",
"url": "https://www.suse.com/security/cve/CVE-2012-4193"
},
{
"category": "external",
"summary": "SUSE Bug 783533 for CVE-2012-4193",
"url": "https://bugzilla.suse.com/783533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4193"
},
{
"cve": "CVE-2012-4194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4194"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4194",
"url": "https://www.suse.com/security/cve/CVE-2012-4194"
},
{
"category": "external",
"summary": "SUSE Bug 786522 for CVE-2012-4194",
"url": "https://bugzilla.suse.com/786522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4194"
},
{
"cve": "CVE-2012-4195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4195"
}
],
"notes": [
{
"category": "general",
"text": "The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4195",
"url": "https://www.suse.com/security/cve/CVE-2012-4195"
},
{
"category": "external",
"summary": "SUSE Bug 786522 for CVE-2012-4195",
"url": "https://bugzilla.suse.com/786522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4195"
},
{
"cve": "CVE-2012-4196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4196"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4196",
"url": "https://www.suse.com/security/cve/CVE-2012-4196"
},
{
"category": "external",
"summary": "SUSE Bug 786522 for CVE-2012-4196",
"url": "https://bugzilla.suse.com/786522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4196"
},
{
"cve": "CVE-2012-4201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4201"
}
],
"notes": [
{
"category": "general",
"text": "The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4201",
"url": "https://www.suse.com/security/cve/CVE-2012-4201"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4201",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4201"
},
{
"cve": "CVE-2012-4202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4202"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4202",
"url": "https://www.suse.com/security/cve/CVE-2012-4202"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4202",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4202"
},
{
"cve": "CVE-2012-4204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4204"
}
],
"notes": [
{
"category": "general",
"text": "The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4204",
"url": "https://www.suse.com/security/cve/CVE-2012-4204"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4204",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4204"
},
{
"cve": "CVE-2012-4205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4205"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks or obtain sensitive information by leveraging a sandboxed add-on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4205",
"url": "https://www.suse.com/security/cve/CVE-2012-4205"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4205",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4205"
},
{
"cve": "CVE-2012-4207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4207"
}
],
"notes": [
{
"category": "general",
"text": "The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4207",
"url": "https://www.suse.com/security/cve/CVE-2012-4207"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4207",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4207"
},
{
"cve": "CVE-2012-4208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4208"
}
],
"notes": [
{
"category": "general",
"text": "The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4208",
"url": "https://www.suse.com/security/cve/CVE-2012-4208"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4208",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4208"
},
{
"cve": "CVE-2012-4209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4209"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a \"top\" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4209",
"url": "https://www.suse.com/security/cve/CVE-2012-4209"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4209",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-4209"
},
{
"cve": "CVE-2012-4212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4212"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4212",
"url": "https://www.suse.com/security/cve/CVE-2012-4212"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4212",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4212"
},
{
"cve": "CVE-2012-4213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4213"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4213",
"url": "https://www.suse.com/security/cve/CVE-2012-4213"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4213",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4213"
},
{
"cve": "CVE-2012-4214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4214"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4214",
"url": "https://www.suse.com/security/cve/CVE-2012-4214"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4214",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4214"
},
{
"cve": "CVE-2012-4215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4215"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4215",
"url": "https://www.suse.com/security/cve/CVE-2012-4215"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4215",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4215"
},
{
"cve": "CVE-2012-4216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4216"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4216",
"url": "https://www.suse.com/security/cve/CVE-2012-4216"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4216",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4216"
},
{
"cve": "CVE-2012-4217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4217"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4217",
"url": "https://www.suse.com/security/cve/CVE-2012-4217"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4217",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4217"
},
{
"cve": "CVE-2012-4218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-4218"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-4218",
"url": "https://www.suse.com/security/cve/CVE-2012-4218"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-4218",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-4218"
},
{
"cve": "CVE-2012-5829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5829"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5829",
"url": "https://www.suse.com/security/cve/CVE-2012-5829"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5829",
"url": "https://bugzilla.suse.com/790140"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2012-5829",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5829"
},
{
"cve": "CVE-2012-5830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5830"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5830",
"url": "https://www.suse.com/security/cve/CVE-2012-5830"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5830",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-5830"
},
{
"cve": "CVE-2012-5833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5833"
}
],
"notes": [
{
"category": "general",
"text": "The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5833",
"url": "https://www.suse.com/security/cve/CVE-2012-5833"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5833",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5833"
},
{
"cve": "CVE-2012-5835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5835"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5835",
"url": "https://www.suse.com/security/cve/CVE-2012-5835"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5835",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5835"
},
{
"cve": "CVE-2012-5836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5836"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5836",
"url": "https://www.suse.com/security/cve/CVE-2012-5836"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5836",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-5836"
},
{
"cve": "CVE-2012-5837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5837"
}
],
"notes": [
{
"category": "general",
"text": "The Web Developer Toolbar in Mozilla Firefox before 17.0 executes script with chrome privileges, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5837",
"url": "https://www.suse.com/security/cve/CVE-2012-5837"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5837",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-5837"
},
{
"cve": "CVE-2012-5838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5838"
}
],
"notes": [
{
"category": "general",
"text": "The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via large image dimensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5838",
"url": "https://www.suse.com/security/cve/CVE-2012-5838"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5838",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5838"
},
{
"cve": "CVE-2012-5839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5839"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5839",
"url": "https://www.suse.com/security/cve/CVE-2012-5839"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5839",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5839"
},
{
"cve": "CVE-2012-5840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5840"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5840",
"url": "https://www.suse.com/security/cve/CVE-2012-5840"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5840",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5840"
},
{
"cve": "CVE-2012-5841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5841"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5841",
"url": "https://www.suse.com/security/cve/CVE-2012-5841"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5841",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-5841"
},
{
"cve": "CVE-2012-5842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5842"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5842",
"url": "https://www.suse.com/security/cve/CVE-2012-5842"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5842",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5842"
},
{
"cve": "CVE-2012-5843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-5843"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-5843",
"url": "https://www.suse.com/security/cve/CVE-2012-5843"
},
{
"category": "external",
"summary": "SUSE Bug 790140 for CVE-2012-5843",
"url": "https://bugzilla.suse.com/790140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-5843"
},
{
"cve": "CVE-2013-0743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0743"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA at the suggestion of the CVE project team. The candidate had been associated with a correct report of a security problem, but not a problem that is categorized as a vulnerability within CVE. Compromised or unauthorized SSL certificates are not within CVE\u0027s scope. Notes: none.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0743",
"url": "https://www.suse.com/security/cve/CVE-2013-0743"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0743",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0743"
},
{
"cve": "CVE-2013-0744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0744"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0744",
"url": "https://www.suse.com/security/cve/CVE-2013-0744"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0744",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0744"
},
{
"cve": "CVE-2013-0745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0745"
}
],
"notes": [
{
"category": "general",
"text": "The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0745",
"url": "https://www.suse.com/security/cve/CVE-2013-0745"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0745",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0745"
},
{
"cve": "CVE-2013-0746",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0746"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0746",
"url": "https://www.suse.com/security/cve/CVE-2013-0746"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0746",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0746"
},
{
"cve": "CVE-2013-0747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0747"
}
],
"notes": [
{
"category": "general",
"text": "The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0747",
"url": "https://www.suse.com/security/cve/CVE-2013-0747"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0747",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0747"
},
{
"cve": "CVE-2013-0748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0748"
}
],
"notes": [
{
"category": "general",
"text": "The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0748",
"url": "https://www.suse.com/security/cve/CVE-2013-0748"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0748",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0748"
},
{
"cve": "CVE-2013-0749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0749"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0749",
"url": "https://www.suse.com/security/cve/CVE-2013-0749"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0749",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0749"
},
{
"cve": "CVE-2013-0750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0750"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0750",
"url": "https://www.suse.com/security/cve/CVE-2013-0750"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0750",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0750"
},
{
"cve": "CVE-2013-0752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0752"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0752",
"url": "https://www.suse.com/security/cve/CVE-2013-0752"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0752",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0752"
},
{
"cve": "CVE-2013-0753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0753"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0753",
"url": "https://www.suse.com/security/cve/CVE-2013-0753"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0753",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0753"
},
{
"cve": "CVE-2013-0754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0754"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0754",
"url": "https://www.suse.com/security/cve/CVE-2013-0754"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0754",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0754"
},
{
"cve": "CVE-2013-0755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0755"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0755",
"url": "https://www.suse.com/security/cve/CVE-2013-0755"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0755",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0755"
},
{
"cve": "CVE-2013-0756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0756"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0756",
"url": "https://www.suse.com/security/cve/CVE-2013-0756"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0756",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0756"
},
{
"cve": "CVE-2013-0757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0757"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0757",
"url": "https://www.suse.com/security/cve/CVE-2013-0757"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0757",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0757"
},
{
"cve": "CVE-2013-0758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0758"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0758",
"url": "https://www.suse.com/security/cve/CVE-2013-0758"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0758",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0758"
},
{
"cve": "CVE-2013-0760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0760"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0760",
"url": "https://www.suse.com/security/cve/CVE-2013-0760"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0760",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0760"
},
{
"cve": "CVE-2013-0761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0761"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0761",
"url": "https://www.suse.com/security/cve/CVE-2013-0761"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0761",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0761"
},
{
"cve": "CVE-2013-0762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0762"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0762",
"url": "https://www.suse.com/security/cve/CVE-2013-0762"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0762",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0762"
},
{
"cve": "CVE-2013-0763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0763"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0763",
"url": "https://www.suse.com/security/cve/CVE-2013-0763"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0763",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0763"
},
{
"cve": "CVE-2013-0764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0764"
}
],
"notes": [
{
"category": "general",
"text": "The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0764",
"url": "https://www.suse.com/security/cve/CVE-2013-0764"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0764",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0764"
},
{
"cve": "CVE-2013-0766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0766"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0766",
"url": "https://www.suse.com/security/cve/CVE-2013-0766"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0766",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0766"
},
{
"cve": "CVE-2013-0767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0767"
}
],
"notes": [
{
"category": "general",
"text": "The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0767",
"url": "https://www.suse.com/security/cve/CVE-2013-0767"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0767",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0767"
},
{
"cve": "CVE-2013-0768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0768"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0768",
"url": "https://www.suse.com/security/cve/CVE-2013-0768"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0768",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0768"
},
{
"cve": "CVE-2013-0769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0769"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0769",
"url": "https://www.suse.com/security/cve/CVE-2013-0769"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0769",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0769"
},
{
"cve": "CVE-2013-0770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0770"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0770",
"url": "https://www.suse.com/security/cve/CVE-2013-0770"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0770",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0770"
},
{
"cve": "CVE-2013-0771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0771"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0771",
"url": "https://www.suse.com/security/cve/CVE-2013-0771"
},
{
"category": "external",
"summary": "SUSE Bug 796895 for CVE-2013-0771",
"url": "https://bugzilla.suse.com/796895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0771"
},
{
"cve": "CVE-2013-0773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0773"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0773",
"url": "https://www.suse.com/security/cve/CVE-2013-0773"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0773",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0773"
},
{
"cve": "CVE-2013-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0774"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0774",
"url": "https://www.suse.com/security/cve/CVE-2013-0774"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0774",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0774"
},
{
"cve": "CVE-2013-0775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0775"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0775",
"url": "https://www.suse.com/security/cve/CVE-2013-0775"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0775",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0775"
},
{
"cve": "CVE-2013-0776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0776"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0776",
"url": "https://www.suse.com/security/cve/CVE-2013-0776"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0776",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0776"
},
{
"cve": "CVE-2013-0780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0780"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0780",
"url": "https://www.suse.com/security/cve/CVE-2013-0780"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0780",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0780"
},
{
"cve": "CVE-2013-0782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0782"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0782",
"url": "https://www.suse.com/security/cve/CVE-2013-0782"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0782",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0782"
},
{
"cve": "CVE-2013-0783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0783"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0783",
"url": "https://www.suse.com/security/cve/CVE-2013-0783"
},
{
"category": "external",
"summary": "SUSE Bug 804248 for CVE-2013-0783",
"url": "https://bugzilla.suse.com/804248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0783"
},
{
"cve": "CVE-2013-0787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0787"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0787",
"url": "https://www.suse.com/security/cve/CVE-2013-0787"
},
{
"category": "external",
"summary": "SUSE Bug 808243 for CVE-2013-0787",
"url": "https://bugzilla.suse.com/808243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0787"
},
{
"cve": "CVE-2013-0788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0788"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0788",
"url": "https://www.suse.com/security/cve/CVE-2013-0788"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0788",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0788",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0788"
},
{
"cve": "CVE-2013-0789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0789"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0789",
"url": "https://www.suse.com/security/cve/CVE-2013-0789"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0789",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0789",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0789"
},
{
"cve": "CVE-2013-0793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0793"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0793",
"url": "https://www.suse.com/security/cve/CVE-2013-0793"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0793",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0793"
},
{
"cve": "CVE-2013-0795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0795"
}
],
"notes": [
{
"category": "general",
"text": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote attackers to bypass the Same Origin Policy or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0795",
"url": "https://www.suse.com/security/cve/CVE-2013-0795"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0795",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0795",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0795"
},
{
"cve": "CVE-2013-0796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0796"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0796",
"url": "https://www.suse.com/security/cve/CVE-2013-0796"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0796",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0796",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0796"
},
{
"cve": "CVE-2013-0800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0800"
}
],
"notes": [
{
"category": "general",
"text": "Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0800",
"url": "https://www.suse.com/security/cve/CVE-2013-0800"
},
{
"category": "external",
"summary": "SUSE Bug 813026 for CVE-2013-0800",
"url": "https://bugzilla.suse.com/813026"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0800",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0800"
},
{
"cve": "CVE-2013-0801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0801"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0801",
"url": "https://www.suse.com/security/cve/CVE-2013-0801"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-0801",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-0801"
},
{
"cve": "CVE-2013-1669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1669"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1669",
"url": "https://www.suse.com/security/cve/CVE-2013-1669"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1669",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1669"
},
{
"cve": "CVE-2013-1670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1670"
}
],
"notes": [
{
"category": "general",
"text": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote attackers to bypass certain read-only restrictions and conduct cross-site scripting (XSS) attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1670",
"url": "https://www.suse.com/security/cve/CVE-2013-1670"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1670",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1670"
},
{
"cve": "CVE-2013-1674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1674"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during the playing of a video.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1674",
"url": "https://www.suse.com/security/cve/CVE-2013-1674"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1674",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1674"
},
{
"cve": "CVE-2013-1675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1675"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1675",
"url": "https://www.suse.com/security/cve/CVE-2013-1675"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1675",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1675"
},
{
"cve": "CVE-2013-1676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1676"
}
],
"notes": [
{
"category": "general",
"text": "The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1676",
"url": "https://www.suse.com/security/cve/CVE-2013-1676"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1676",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1676"
},
{
"cve": "CVE-2013-1677",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1677"
}
],
"notes": [
{
"category": "general",
"text": "The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1677",
"url": "https://www.suse.com/security/cve/CVE-2013-1677"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1677",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1677"
},
{
"cve": "CVE-2013-1678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1678"
}
],
"notes": [
{
"category": "general",
"text": "The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1678",
"url": "https://www.suse.com/security/cve/CVE-2013-1678"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1678",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1678"
},
{
"cve": "CVE-2013-1679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1679"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1679",
"url": "https://www.suse.com/security/cve/CVE-2013-1679"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1679",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1679"
},
{
"cve": "CVE-2013-1680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1680"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1680",
"url": "https://www.suse.com/security/cve/CVE-2013-1680"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1680",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1680"
},
{
"cve": "CVE-2013-1681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1681"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1681",
"url": "https://www.suse.com/security/cve/CVE-2013-1681"
},
{
"category": "external",
"summary": "SUSE Bug 819204 for CVE-2013-1681",
"url": "https://bugzilla.suse.com/819204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1681"
},
{
"cve": "CVE-2013-1682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1682"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1682",
"url": "https://www.suse.com/security/cve/CVE-2013-1682"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1682",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1682"
},
{
"cve": "CVE-2013-1684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1684"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1684",
"url": "https://www.suse.com/security/cve/CVE-2013-1684"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1684",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1684"
},
{
"cve": "CVE-2013-1685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1685"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1685",
"url": "https://www.suse.com/security/cve/CVE-2013-1685"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1685",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1685"
},
{
"cve": "CVE-2013-1686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1686"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1686",
"url": "https://www.suse.com/security/cve/CVE-2013-1686"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1686",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1686"
},
{
"cve": "CVE-2013-1687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1687"
}
],
"notes": [
{
"category": "general",
"text": "The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined functions, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges, or conduct cross-site scripting (XSS) attacks, via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1687",
"url": "https://www.suse.com/security/cve/CVE-2013-1687"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1687",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1687"
},
{
"cve": "CVE-2013-1690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1690"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1690",
"url": "https://www.suse.com/security/cve/CVE-2013-1690"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1690",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1690"
},
{
"cve": "CVE-2013-1692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1692"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1692",
"url": "https://www.suse.com/security/cve/CVE-2013-1692"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1692",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1692"
},
{
"cve": "CVE-2013-1693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1693"
}
],
"notes": [
{
"category": "general",
"text": "The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a different domain, by observing timing differences in execution of filter code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1693",
"url": "https://www.suse.com/security/cve/CVE-2013-1693"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1693",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1693"
},
{
"cve": "CVE-2013-1694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1694"
}
],
"notes": [
{
"category": "general",
"text": "The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache\u0027s preserved-wrapper flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1694",
"url": "https://www.suse.com/security/cve/CVE-2013-1694"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1694",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1694"
},
{
"cve": "CVE-2013-1697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1697"
}
],
"notes": [
{
"category": "general",
"text": "The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1697",
"url": "https://www.suse.com/security/cve/CVE-2013-1697"
},
{
"category": "external",
"summary": "SUSE Bug 825935 for CVE-2013-1697",
"url": "https://bugzilla.suse.com/825935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1697"
},
{
"cve": "CVE-2013-1701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1701"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1701",
"url": "https://www.suse.com/security/cve/CVE-2013-1701"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1701",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1701"
},
{
"cve": "CVE-2013-1709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1709"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving spoofing a relative location in a previously visited document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1709",
"url": "https://www.suse.com/security/cve/CVE-2013-1709"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1709",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1709"
},
{
"cve": "CVE-2013-1710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1710"
}
],
"notes": [
{
"category": "general",
"text": "The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks via vectors related to Certificate Request Message Format (CRMF) request generation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1710",
"url": "https://www.suse.com/security/cve/CVE-2013-1710"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1710",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1710"
},
{
"cve": "CVE-2013-1713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1713"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks or install arbitrary add-ons via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1713",
"url": "https://www.suse.com/security/cve/CVE-2013-1713"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1713",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1713"
},
{
"cve": "CVE-2013-1714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1714"
}
],
"notes": [
{
"category": "general",
"text": "The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1714",
"url": "https://www.suse.com/security/cve/CVE-2013-1714"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1714",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1714"
},
{
"cve": "CVE-2013-1717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1717"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1717",
"url": "https://www.suse.com/security/cve/CVE-2013-1717"
},
{
"category": "external",
"summary": "SUSE Bug 833389 for CVE-2013-1717",
"url": "https://bugzilla.suse.com/833389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1717"
},
{
"cve": "CVE-2013-1718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1718"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1718",
"url": "https://www.suse.com/security/cve/CVE-2013-1718"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1718",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1718"
},
{
"cve": "CVE-2013-1719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1719"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1719",
"url": "https://www.suse.com/security/cve/CVE-2013-1719"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1719",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1719"
},
{
"cve": "CVE-2013-1720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1720"
}
],
"notes": [
{
"category": "general",
"text": "The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1720",
"url": "https://www.suse.com/security/cve/CVE-2013-1720"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1720",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1720"
},
{
"cve": "CVE-2013-1722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1722"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1722",
"url": "https://www.suse.com/security/cve/CVE-2013-1722"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1722",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1722"
},
{
"cve": "CVE-2013-1723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1723"
}
],
"notes": [
{
"category": "general",
"text": "The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service (application crash) by leveraging incorrect event usage after widget-memory reallocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1723",
"url": "https://www.suse.com/security/cve/CVE-2013-1723"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1723",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1723"
},
{
"cve": "CVE-2013-1724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1724"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1724",
"url": "https://www.suse.com/security/cve/CVE-2013-1724"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1724",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1724"
},
{
"cve": "CVE-2013-1725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1725"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging incorrect scope handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1725",
"url": "https://www.suse.com/security/cve/CVE-2013-1725"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1725",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1725"
},
{
"cve": "CVE-2013-1728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1728"
}
],
"notes": [
{
"category": "general",
"text": "The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1728",
"url": "https://www.suse.com/security/cve/CVE-2013-1728"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1728",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1728"
},
{
"cve": "CVE-2013-1730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1730"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1730",
"url": "https://www.suse.com/security/cve/CVE-2013-1730"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1730",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1730"
},
{
"cve": "CVE-2013-1732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1732"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats within a multi-column layout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1732",
"url": "https://www.suse.com/security/cve/CVE-2013-1732"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1732",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1732"
},
{
"cve": "CVE-2013-1735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1735"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via vectors related to image-document scrolling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1735",
"url": "https://www.suse.com/security/cve/CVE-2013-1735"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1735",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1735"
},
{
"cve": "CVE-2013-1736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1736"
}
],
"notes": [
{
"category": "general",
"text": "The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to improperly establishing parent-child relationships of range-request nodes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1736",
"url": "https://www.suse.com/security/cve/CVE-2013-1736"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1736",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-1736"
},
{
"cve": "CVE-2013-1737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1737"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the \"this\" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1737",
"url": "https://www.suse.com/security/cve/CVE-2013-1737"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1737",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1737"
},
{
"cve": "CVE-2013-1738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1738"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and frame-chain restoration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1738",
"url": "https://www.suse.com/security/cve/CVE-2013-1738"
},
{
"category": "external",
"summary": "SUSE Bug 840485 for CVE-2013-1738",
"url": "https://bugzilla.suse.com/840485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1738"
},
{
"cve": "CVE-2013-5590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5590"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5590",
"url": "https://www.suse.com/security/cve/CVE-2013-5590"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5590",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5590"
},
{
"cve": "CVE-2013-5591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5591"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5591",
"url": "https://www.suse.com/security/cve/CVE-2013-5591"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5591",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5591"
},
{
"cve": "CVE-2013-5592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5592"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5592",
"url": "https://www.suse.com/security/cve/CVE-2013-5592"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5592",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5592"
},
{
"cve": "CVE-2013-5593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5593"
}
],
"notes": [
{
"category": "general",
"text": "The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5593",
"url": "https://www.suse.com/security/cve/CVE-2013-5593"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5593",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5593"
},
{
"cve": "CVE-2013-5595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5595"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5595",
"url": "https://www.suse.com/security/cve/CVE-2013-5595"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5595",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5595"
},
{
"cve": "CVE-2013-5596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5596"
}
],
"notes": [
{
"category": "general",
"text": "The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5596",
"url": "https://www.suse.com/security/cve/CVE-2013-5596"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5596",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5596"
},
{
"cve": "CVE-2013-5597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5597"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5597",
"url": "https://www.suse.com/security/cve/CVE-2013-5597"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5597",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5597"
},
{
"cve": "CVE-2013-5599",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5599"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5599",
"url": "https://www.suse.com/security/cve/CVE-2013-5599"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5599",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5599"
},
{
"cve": "CVE-2013-5600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5600"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5600",
"url": "https://www.suse.com/security/cve/CVE-2013-5600"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5600",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5600"
},
{
"cve": "CVE-2013-5601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5601"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors related to a memory allocation through the garbage collection (GC) API.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5601",
"url": "https://www.suse.com/security/cve/CVE-2013-5601"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5601",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5601"
},
{
"cve": "CVE-2013-5602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5602"
}
],
"notes": [
{
"category": "general",
"text": "The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5602",
"url": "https://www.suse.com/security/cve/CVE-2013-5602"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5602",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5602"
},
{
"cve": "CVE-2013-5603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5603"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5603",
"url": "https://www.suse.com/security/cve/CVE-2013-5603"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5603",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5603"
},
{
"cve": "CVE-2013-5604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5604"
}
],
"notes": [
{
"category": "general",
"text": "The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5604",
"url": "https://www.suse.com/security/cve/CVE-2013-5604"
},
{
"category": "external",
"summary": "SUSE Bug 847708 for CVE-2013-5604",
"url": "https://bugzilla.suse.com/847708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-5604"
},
{
"cve": "CVE-2013-5609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5609"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5609",
"url": "https://www.suse.com/security/cve/CVE-2013-5609"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5609",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5609"
},
{
"cve": "CVE-2013-5610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5610"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5610",
"url": "https://www.suse.com/security/cve/CVE-2013-5610"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5610",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5610"
},
{
"cve": "CVE-2013-5613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5613"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5613",
"url": "https://www.suse.com/security/cve/CVE-2013-5613"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5613",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5613"
},
{
"cve": "CVE-2013-5615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5615"
}
],
"notes": [
{
"category": "general",
"text": "The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5615",
"url": "https://www.suse.com/security/cve/CVE-2013-5615"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5615",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5615"
},
{
"cve": "CVE-2013-5616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5616"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5616",
"url": "https://www.suse.com/security/cve/CVE-2013-5616"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5616",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5616"
},
{
"cve": "CVE-2013-5618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5618"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5618",
"url": "https://www.suse.com/security/cve/CVE-2013-5618"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-5618",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-5618"
},
{
"cve": "CVE-2013-6629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6629"
}
],
"notes": [
{
"category": "general",
"text": "The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6629",
"url": "https://www.suse.com/security/cve/CVE-2013-6629"
},
{
"category": "external",
"summary": "SUSE Bug 850430 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/850430"
},
{
"category": "external",
"summary": "SUSE Bug 873872 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/873872"
},
{
"category": "external",
"summary": "SUSE Bug 873873 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/873873"
},
{
"category": "external",
"summary": "SUSE Bug 877429 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/877429"
},
{
"category": "external",
"summary": "SUSE Bug 877430 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/877430"
},
{
"category": "external",
"summary": "SUSE Bug 880246 for CVE-2013-6629",
"url": "https://bugzilla.suse.com/880246"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6629"
},
{
"cve": "CVE-2013-6630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6630"
}
],
"notes": [
{
"category": "general",
"text": "The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6630",
"url": "https://www.suse.com/security/cve/CVE-2013-6630"
},
{
"category": "external",
"summary": "SUSE Bug 850430 for CVE-2013-6630",
"url": "https://bugzilla.suse.com/850430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6630"
},
{
"cve": "CVE-2013-6671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6671"
}
],
"notes": [
{
"category": "general",
"text": "The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6671",
"url": "https://www.suse.com/security/cve/CVE-2013-6671"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-6671",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-6671"
},
{
"cve": "CVE-2013-6673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6673"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user\u0027s removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6673",
"url": "https://www.suse.com/security/cve/CVE-2013-6673"
},
{
"category": "external",
"summary": "SUSE Bug 854370 for CVE-2013-6673",
"url": "https://bugzilla.suse.com/854370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6673"
},
{
"cve": "CVE-2014-1477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1477"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1477",
"url": "https://www.suse.com/security/cve/CVE-2014-1477"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1477",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862345 for CVE-2014-1477",
"url": "https://bugzilla.suse.com/862345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1477"
},
{
"cve": "CVE-2014-1478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1478"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1478",
"url": "https://www.suse.com/security/cve/CVE-2014-1478"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1478",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1478"
},
{
"cve": "CVE-2014-1479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1479"
}
],
"notes": [
{
"category": "general",
"text": "The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1479",
"url": "https://www.suse.com/security/cve/CVE-2014-1479"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1479",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862348 for CVE-2014-1479",
"url": "https://bugzilla.suse.com/862348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1479"
},
{
"cve": "CVE-2014-1481",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1481"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1481",
"url": "https://www.suse.com/security/cve/CVE-2014-1481"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1481",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862309 for CVE-2014-1481",
"url": "https://bugzilla.suse.com/862309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1481"
},
{
"cve": "CVE-2014-1482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1482"
}
],
"notes": [
{
"category": "general",
"text": "RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1482",
"url": "https://www.suse.com/security/cve/CVE-2014-1482"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1482",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862356 for CVE-2014-1482",
"url": "https://bugzilla.suse.com/862356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1482"
},
{
"cve": "CVE-2014-1486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1486"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1486",
"url": "https://www.suse.com/security/cve/CVE-2014-1486"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1486",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1486"
},
{
"cve": "CVE-2014-1487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1487"
}
],
"notes": [
{
"category": "general",
"text": "The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1487",
"url": "https://www.suse.com/security/cve/CVE-2014-1487"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1487",
"url": "https://bugzilla.suse.com/861847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1487"
},
{
"cve": "CVE-2014-1490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1490"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1490",
"url": "https://www.suse.com/security/cve/CVE-2014-1490"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1490",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862300 for CVE-2014-1490",
"url": "https://bugzilla.suse.com/862300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1490"
},
{
"cve": "CVE-2014-1491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1491"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1491",
"url": "https://www.suse.com/security/cve/CVE-2014-1491"
},
{
"category": "external",
"summary": "SUSE Bug 861847 for CVE-2014-1491",
"url": "https://bugzilla.suse.com/861847"
},
{
"category": "external",
"summary": "SUSE Bug 862289 for CVE-2014-1491",
"url": "https://bugzilla.suse.com/862289"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1491"
},
{
"cve": "CVE-2014-1493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1493"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1493",
"url": "https://www.suse.com/security/cve/CVE-2014-1493"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1493",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1493"
},
{
"cve": "CVE-2014-1494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1494"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1494",
"url": "https://www.suse.com/security/cve/CVE-2014-1494"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1494",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1494"
},
{
"cve": "CVE-2014-1497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1497"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1497",
"url": "https://www.suse.com/security/cve/CVE-2014-1497"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1497",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1497"
},
{
"cve": "CVE-2014-1505",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1505"
}
],
"notes": [
{
"category": "general",
"text": "The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1505",
"url": "https://www.suse.com/security/cve/CVE-2014-1505"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1505",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1505"
},
{
"cve": "CVE-2014-1508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1508"
}
],
"notes": [
{
"category": "general",
"text": "The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1508",
"url": "https://www.suse.com/security/cve/CVE-2014-1508"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1508",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1508"
},
{
"cve": "CVE-2014-1509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1509"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1509",
"url": "https://www.suse.com/security/cve/CVE-2014-1509"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1509",
"url": "https://bugzilla.suse.com/868603"
},
{
"category": "external",
"summary": "SUSE Bug 869339 for CVE-2014-1509",
"url": "https://bugzilla.suse.com/869339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1509"
},
{
"cve": "CVE-2014-1510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1510"
}
],
"notes": [
{
"category": "general",
"text": "The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1510",
"url": "https://www.suse.com/security/cve/CVE-2014-1510"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1510",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1510"
},
{
"cve": "CVE-2014-1511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1511"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1511",
"url": "https://www.suse.com/security/cve/CVE-2014-1511"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1511",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1511"
},
{
"cve": "CVE-2014-1512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1512"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1512",
"url": "https://www.suse.com/security/cve/CVE-2014-1512"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1512",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1512"
},
{
"cve": "CVE-2014-1513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1513"
}
],
"notes": [
{
"category": "general",
"text": "TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1513",
"url": "https://www.suse.com/security/cve/CVE-2014-1513"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1513",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1513"
},
{
"cve": "CVE-2014-1514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1514"
}
],
"notes": [
{
"category": "general",
"text": "vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1514",
"url": "https://www.suse.com/security/cve/CVE-2014-1514"
},
{
"category": "external",
"summary": "SUSE Bug 868603 for CVE-2014-1514",
"url": "https://bugzilla.suse.com/868603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1514"
},
{
"cve": "CVE-2014-1518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1518"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1518",
"url": "https://www.suse.com/security/cve/CVE-2014-1518"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1518",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1518"
},
{
"cve": "CVE-2014-1523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1523"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1523",
"url": "https://www.suse.com/security/cve/CVE-2014-1523"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1523",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1523"
},
{
"cve": "CVE-2014-1524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1524"
}
],
"notes": [
{
"category": "general",
"text": "The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1524",
"url": "https://www.suse.com/security/cve/CVE-2014-1524"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1524",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1524"
},
{
"cve": "CVE-2014-1529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1529"
}
],
"notes": [
{
"category": "general",
"text": "The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1529",
"url": "https://www.suse.com/security/cve/CVE-2014-1529"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1529",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1529"
},
{
"cve": "CVE-2014-1530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1530"
}
],
"notes": [
{
"category": "general",
"text": "The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1530",
"url": "https://www.suse.com/security/cve/CVE-2014-1530"
},
{
"category": "external",
"summary": "SUSE Bug 875378 for CVE-2014-1530",
"url": "https://bugzilla.suse.com/875378"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1530",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1530"
},
{
"cve": "CVE-2014-1531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1531"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1531",
"url": "https://www.suse.com/security/cve/CVE-2014-1531"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1531",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1531"
},
{
"cve": "CVE-2014-1532",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1532"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1532",
"url": "https://www.suse.com/security/cve/CVE-2014-1532"
},
{
"category": "external",
"summary": "SUSE Bug 875803 for CVE-2014-1532",
"url": "https://bugzilla.suse.com/875803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1532"
},
{
"cve": "CVE-2014-1533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1533"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1533",
"url": "https://www.suse.com/security/cve/CVE-2014-1533"
},
{
"category": "external",
"summary": "SUSE Bug 881874 for CVE-2014-1533",
"url": "https://bugzilla.suse.com/881874"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1533"
},
{
"cve": "CVE-2014-1534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1534"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1534",
"url": "https://www.suse.com/security/cve/CVE-2014-1534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1534"
},
{
"cve": "CVE-2014-1536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1536"
}
],
"notes": [
{
"category": "general",
"text": "The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1536",
"url": "https://www.suse.com/security/cve/CVE-2014-1536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1536"
},
{
"cve": "CVE-2014-1537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1537"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1537",
"url": "https://www.suse.com/security/cve/CVE-2014-1537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1537"
},
{
"cve": "CVE-2014-1538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1538"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1538",
"url": "https://www.suse.com/security/cve/CVE-2014-1538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1538"
},
{
"cve": "CVE-2014-1541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1541"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1541",
"url": "https://www.suse.com/security/cve/CVE-2014-1541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1541"
},
{
"cve": "CVE-2014-1544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1544"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1544",
"url": "https://www.suse.com/security/cve/CVE-2014-1544"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1544",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1544"
},
{
"cve": "CVE-2014-1545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1545"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1545",
"url": "https://www.suse.com/security/cve/CVE-2014-1545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1545"
},
{
"cve": "CVE-2014-1547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1547"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1547",
"url": "https://www.suse.com/security/cve/CVE-2014-1547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1547"
},
{
"cve": "CVE-2014-1548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1548"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1548",
"url": "https://www.suse.com/security/cve/CVE-2014-1548"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1548",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1548"
},
{
"cve": "CVE-2014-1553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1553"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1553",
"url": "https://www.suse.com/security/cve/CVE-2014-1553"
},
{
"category": "external",
"summary": "SUSE Bug 894370 for CVE-2014-1553",
"url": "https://bugzilla.suse.com/894370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1553"
},
{
"cve": "CVE-2014-1555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1555"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1555",
"url": "https://www.suse.com/security/cve/CVE-2014-1555"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1555",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1555"
},
{
"cve": "CVE-2014-1556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1556"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1556",
"url": "https://www.suse.com/security/cve/CVE-2014-1556"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1556",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1556"
},
{
"cve": "CVE-2014-1557",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1557"
}
],
"notes": [
{
"category": "general",
"text": "The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1557",
"url": "https://www.suse.com/security/cve/CVE-2014-1557"
},
{
"category": "external",
"summary": "SUSE Bug 887746 for CVE-2014-1557",
"url": "https://bugzilla.suse.com/887746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1557"
},
{
"cve": "CVE-2014-1562",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1562"
}
],
"notes": [
{
"category": "general",
"text": "Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1562",
"url": "https://www.suse.com/security/cve/CVE-2014-1562"
},
{
"category": "external",
"summary": "SUSE Bug 894370 for CVE-2014-1562",
"url": "https://bugzilla.suse.com/894370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1562"
},
{
"cve": "CVE-2014-1563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1563"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1563",
"url": "https://www.suse.com/security/cve/CVE-2014-1563"
},
{
"category": "external",
"summary": "SUSE Bug 894370 for CVE-2014-1563",
"url": "https://bugzilla.suse.com/894370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1563"
},
{
"cve": "CVE-2014-1564",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1564"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated with a malformed GIF image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1564",
"url": "https://www.suse.com/security/cve/CVE-2014-1564"
},
{
"category": "external",
"summary": "SUSE Bug 894370 for CVE-2014-1564",
"url": "https://bugzilla.suse.com/894370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1564"
},
{
"cve": "CVE-2014-1565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1565"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1565",
"url": "https://www.suse.com/security/cve/CVE-2014-1565"
},
{
"category": "external",
"summary": "SUSE Bug 894370 for CVE-2014-1565",
"url": "https://bugzilla.suse.com/894370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1565"
},
{
"cve": "CVE-2014-1567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1567"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1567",
"url": "https://www.suse.com/security/cve/CVE-2014-1567"
},
{
"category": "external",
"summary": "SUSE Bug 894370 for CVE-2014-1567",
"url": "https://bugzilla.suse.com/894370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2014-1567"
},
{
"cve": "CVE-2014-1574",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1574"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1574",
"url": "https://www.suse.com/security/cve/CVE-2014-1574"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1574",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1574"
},
{
"cve": "CVE-2014-1576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1576"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization style.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1576",
"url": "https://www.suse.com/security/cve/CVE-2014-1576"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1576",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1576"
},
{
"cve": "CVE-2014-1577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1577"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via an invalid custom waveform that triggers a calculation of a negative frequency value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1577",
"url": "https://www.suse.com/security/cve/CVE-2014-1577"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1577",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1577"
},
{
"cve": "CVE-2014-1578",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1578"
}
],
"notes": [
{
"category": "general",
"text": "The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1578",
"url": "https://www.suse.com/security/cve/CVE-2014-1578"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1578",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1578"
},
{
"cve": "CVE-2014-1581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1581"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1581",
"url": "https://www.suse.com/security/cve/CVE-2014-1581"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1581",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1581"
},
{
"cve": "CVE-2014-1585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1585"
}
],
"notes": [
{
"category": "general",
"text": "The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain sensitive information from the local camera by maintaining a session after the user tries to discontinue streaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1585",
"url": "https://www.suse.com/security/cve/CVE-2014-1585"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1585",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1585"
},
{
"cve": "CVE-2014-1586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1586"
}
],
"notes": [
{
"category": "general",
"text": "content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1586",
"url": "https://www.suse.com/security/cve/CVE-2014-1586"
},
{
"category": "external",
"summary": "SUSE Bug 900941 for CVE-2014-1586",
"url": "https://bugzilla.suse.com/900941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-1586"
},
{
"cve": "CVE-2014-1587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1587"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1587",
"url": "https://www.suse.com/security/cve/CVE-2014-1587"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1587",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1587"
},
{
"cve": "CVE-2014-1590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1590"
}
],
"notes": [
{
"category": "general",
"text": "The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service (application crash) via a crafted JavaScript object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1590",
"url": "https://www.suse.com/security/cve/CVE-2014-1590"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1590",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1590"
},
{
"cve": "CVE-2014-1592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1592"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code by adding a second root element to an HTML5 document during parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1592",
"url": "https://www.suse.com/security/cve/CVE-2014-1592"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1592",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1592"
},
{
"cve": "CVE-2014-1593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1593"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1593",
"url": "https://www.suse.com/security/cve/CVE-2014-1593"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1593",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1593"
},
{
"cve": "CVE-2014-1594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1594"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1594",
"url": "https://www.suse.com/security/cve/CVE-2014-1594"
},
{
"category": "external",
"summary": "SUSE Bug 908009 for CVE-2014-1594",
"url": "https://bugzilla.suse.com/908009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1594"
},
{
"cve": "CVE-2014-8634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8634"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8634",
"url": "https://www.suse.com/security/cve/CVE-2014-8634"
},
{
"category": "external",
"summary": "SUSE Bug 913064 for CVE-2014-8634",
"url": "https://bugzilla.suse.com/913064"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8634",
"url": "https://bugzilla.suse.com/913096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8634"
},
{
"cve": "CVE-2014-8635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8635"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8635",
"url": "https://www.suse.com/security/cve/CVE-2014-8635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8635"
},
{
"cve": "CVE-2014-8638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8638"
}
],
"notes": [
{
"category": "general",
"text": "The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8638",
"url": "https://www.suse.com/security/cve/CVE-2014-8638"
},
{
"category": "external",
"summary": "SUSE Bug 913068 for CVE-2014-8638",
"url": "https://bugzilla.suse.com/913068"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8638",
"url": "https://bugzilla.suse.com/913096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8638"
},
{
"cve": "CVE-2014-8639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8639"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows remote HTTP proxy servers to conduct session fixation attacks by providing a cookie name that corresponds to the session cookie of the origin server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8639",
"url": "https://www.suse.com/security/cve/CVE-2014-8639"
},
{
"category": "external",
"summary": "SUSE Bug 913066 for CVE-2014-8639",
"url": "https://bugzilla.suse.com/913066"
},
{
"category": "external",
"summary": "SUSE Bug 913096 for CVE-2014-8639",
"url": "https://bugzilla.suse.com/913096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-8639"
},
{
"cve": "CVE-2015-0801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0801"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0801",
"url": "https://www.suse.com/security/cve/CVE-2015-0801"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0801",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925401 for CVE-2015-0801",
"url": "https://bugzilla.suse.com/925401"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0801"
},
{
"cve": "CVE-2015-0807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0807"
}
],
"notes": [
{
"category": "general",
"text": "The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site, a similar issue to CVE-2014-8638.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0807",
"url": "https://www.suse.com/security/cve/CVE-2015-0807"
},
{
"category": "external",
"summary": "SUSE Bug 913068 for CVE-2015-0807",
"url": "https://bugzilla.suse.com/913068"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0807",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925398 for CVE-2015-0807",
"url": "https://bugzilla.suse.com/925398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0807"
},
{
"cve": "CVE-2015-0813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0813"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0813",
"url": "https://www.suse.com/security/cve/CVE-2015-0813"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0813",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925393 for CVE-2015-0813",
"url": "https://bugzilla.suse.com/925393"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0813"
},
{
"cve": "CVE-2015-0815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0815"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0815",
"url": "https://www.suse.com/security/cve/CVE-2015-0815"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0815",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925392 for CVE-2015-0815",
"url": "https://bugzilla.suse.com/925392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0815"
},
{
"cve": "CVE-2015-0816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0816"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as demonstrated by the resource: URL associated with PDF.js.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0816",
"url": "https://www.suse.com/security/cve/CVE-2015-0816"
},
{
"category": "external",
"summary": "SUSE Bug 925368 for CVE-2015-0816",
"url": "https://bugzilla.suse.com/925368"
},
{
"category": "external",
"summary": "SUSE Bug 925395 for CVE-2015-0816",
"url": "https://bugzilla.suse.com/925395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0816"
},
{
"cve": "CVE-2015-0822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0822"
}
],
"notes": [
{
"category": "general",
"text": "The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0822",
"url": "https://www.suse.com/security/cve/CVE-2015-0822"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0822",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0822",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0822",
"url": "https://bugzilla.suse.com/923534"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0822",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0822"
},
{
"cve": "CVE-2015-0827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0827"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0827",
"url": "https://www.suse.com/security/cve/CVE-2015-0827"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0827",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0827",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0827",
"url": "https://bugzilla.suse.com/923534"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0827",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0827"
},
{
"cve": "CVE-2015-0831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0831"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0831",
"url": "https://www.suse.com/security/cve/CVE-2015-0831"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0831",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0831",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0831",
"url": "https://bugzilla.suse.com/923534"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0831",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0831"
},
{
"cve": "CVE-2015-0833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0833"
}
],
"notes": [
{
"category": "general",
"text": "Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 on Windows, when the Maintenance Service is not used, allow local users to gain privileges via a Trojan horse DLL in (1) the current working directory or (2) a temporary directory, as demonstrated by bcrypt.dll.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0833",
"url": "https://www.suse.com/security/cve/CVE-2015-0833"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0833",
"url": "https://bugzilla.suse.com/923534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-0833"
},
{
"cve": "CVE-2015-0836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0836"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0836",
"url": "https://www.suse.com/security/cve/CVE-2015-0836"
},
{
"category": "external",
"summary": "SUSE Bug 910669 for CVE-2015-0836",
"url": "https://bugzilla.suse.com/910669"
},
{
"category": "external",
"summary": "SUSE Bug 917597 for CVE-2015-0836",
"url": "https://bugzilla.suse.com/917597"
},
{
"category": "external",
"summary": "SUSE Bug 923534 for CVE-2015-0836",
"url": "https://bugzilla.suse.com/923534"
},
{
"category": "external",
"summary": "SUSE Bug 924515 for CVE-2015-0836",
"url": "https://bugzilla.suse.com/924515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-0836"
},
{
"cve": "CVE-2015-2708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2708"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2708",
"url": "https://www.suse.com/security/cve/CVE-2015-2708"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2708",
"url": "https://bugzilla.suse.com/930622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2708"
},
{
"cve": "CVE-2015-2710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2710"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2710",
"url": "https://www.suse.com/security/cve/CVE-2015-2710"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2710",
"url": "https://bugzilla.suse.com/930622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2710"
},
{
"cve": "CVE-2015-2713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2713"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2713",
"url": "https://www.suse.com/security/cve/CVE-2015-2713"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2713",
"url": "https://bugzilla.suse.com/930622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2713"
},
{
"cve": "CVE-2015-2716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2716"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2716",
"url": "https://www.suse.com/security/cve/CVE-2015-2716"
},
{
"category": "external",
"summary": "SUSE Bug 930622 for CVE-2015-2716",
"url": "https://bugzilla.suse.com/930622"
},
{
"category": "external",
"summary": "SUSE Bug 939077 for CVE-2015-2716",
"url": "https://bugzilla.suse.com/939077"
},
{
"category": "external",
"summary": "SUSE Bug 980391 for CVE-2015-2716",
"url": "https://bugzilla.suse.com/980391"
},
{
"category": "external",
"summary": "SUSE Bug 983985 for CVE-2015-2716",
"url": "https://bugzilla.suse.com/983985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-2716"
},
{
"cve": "CVE-2015-2721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2721"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a \"SMACK SKIP-TLS\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2721",
"url": "https://www.suse.com/security/cve/CVE-2015-2721"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2721",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2721"
},
{
"cve": "CVE-2015-2722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2722"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2722",
"url": "https://www.suse.com/security/cve/CVE-2015-2722"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2722",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2722"
},
{
"cve": "CVE-2015-2724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2724"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2724",
"url": "https://www.suse.com/security/cve/CVE-2015-2724"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2724",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2724"
},
{
"cve": "CVE-2015-2725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2725"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2725",
"url": "https://www.suse.com/security/cve/CVE-2015-2725"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2725",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2725"
},
{
"cve": "CVE-2015-2727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2727"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a CVE-2015-0821 regression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2727",
"url": "https://www.suse.com/security/cve/CVE-2015-2727"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2727",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2727"
},
{
"cve": "CVE-2015-2728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2728"
}
],
"notes": [
{
"category": "general",
"text": "The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors, related to a \"type confusion\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2728",
"url": "https://www.suse.com/security/cve/CVE-2015-2728"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2728",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2728"
},
{
"cve": "CVE-2015-2729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2729"
}
],
"notes": [
{
"category": "general",
"text": "The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2729",
"url": "https://www.suse.com/security/cve/CVE-2015-2729"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2729",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2729"
},
{
"cve": "CVE-2015-2730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2730"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2730",
"url": "https://www.suse.com/security/cve/CVE-2015-2730"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2730",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2730"
},
{
"cve": "CVE-2015-2731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2731"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2731",
"url": "https://www.suse.com/security/cve/CVE-2015-2731"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2731",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2731"
},
{
"cve": "CVE-2015-2733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2733"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a dedicated worker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2733",
"url": "https://www.suse.com/security/cve/CVE-2015-2733"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2733",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2733"
},
{
"cve": "CVE-2015-2734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2734"
}
],
"notes": [
{
"category": "general",
"text": "The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2734",
"url": "https://www.suse.com/security/cve/CVE-2015-2734"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2734",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2734"
},
{
"cve": "CVE-2015-2735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2735"
}
],
"notes": [
{
"category": "general",
"text": "nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2735",
"url": "https://www.suse.com/security/cve/CVE-2015-2735"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2735",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2735"
},
{
"cve": "CVE-2015-2736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2736"
}
],
"notes": [
{
"category": "general",
"text": "The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2736",
"url": "https://www.suse.com/security/cve/CVE-2015-2736"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2736",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2736"
},
{
"cve": "CVE-2015-2737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2737"
}
],
"notes": [
{
"category": "general",
"text": "The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2737",
"url": "https://www.suse.com/security/cve/CVE-2015-2737"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2737",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2737"
},
{
"cve": "CVE-2015-2738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2738"
}
],
"notes": [
{
"category": "general",
"text": "The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2738",
"url": "https://www.suse.com/security/cve/CVE-2015-2738"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2738",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2738"
},
{
"cve": "CVE-2015-2739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2739"
}
],
"notes": [
{
"category": "general",
"text": "The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2739",
"url": "https://www.suse.com/security/cve/CVE-2015-2739"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2739",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2739"
},
{
"cve": "CVE-2015-2740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2740"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2740",
"url": "https://www.suse.com/security/cve/CVE-2015-2740"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2740",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2740"
},
{
"cve": "CVE-2015-2741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2741"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dialog, which allows user-assisted man-in-the-middle attackers to bypass intended access restrictions by triggering a (1) expired certificate or (2) mismatched hostname for a domain with pinning enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2741",
"url": "https://www.suse.com/security/cve/CVE-2015-2741"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2741",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2741"
},
{
"cve": "CVE-2015-2743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2743"
}
],
"notes": [
{
"category": "general",
"text": "PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2743",
"url": "https://www.suse.com/security/cve/CVE-2015-2743"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-2743",
"url": "https://bugzilla.suse.com/935979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-2743"
},
{
"cve": "CVE-2015-4000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4000"
}
],
"notes": [
{
"category": "general",
"text": "The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4000",
"url": "https://www.suse.com/security/cve/CVE-2015-4000"
},
{
"category": "external",
"summary": "SUSE Bug 1074631 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/1074631"
},
{
"category": "external",
"summary": "SUSE Bug 1211968 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/1211968"
},
{
"category": "external",
"summary": "SUSE Bug 931600 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931600"
},
{
"category": "external",
"summary": "SUSE Bug 931698 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931698"
},
{
"category": "external",
"summary": "SUSE Bug 931723 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931723"
},
{
"category": "external",
"summary": "SUSE Bug 931845 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931845"
},
{
"category": "external",
"summary": "SUSE Bug 932026 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/932026"
},
{
"category": "external",
"summary": "SUSE Bug 932483 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/932483"
},
{
"category": "external",
"summary": "SUSE Bug 934789 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/934789"
},
{
"category": "external",
"summary": "SUSE Bug 935033 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/935033"
},
{
"category": "external",
"summary": "SUSE Bug 935540 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/935540"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/935979"
},
{
"category": "external",
"summary": "SUSE Bug 937202 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/937202"
},
{
"category": "external",
"summary": "SUSE Bug 937766 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/937766"
},
{
"category": "external",
"summary": "SUSE Bug 938248 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938248"
},
{
"category": "external",
"summary": "SUSE Bug 938432 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938432"
},
{
"category": "external",
"summary": "SUSE Bug 938895 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938895"
},
{
"category": "external",
"summary": "SUSE Bug 938905 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938905"
},
{
"category": "external",
"summary": "SUSE Bug 938906 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938906"
},
{
"category": "external",
"summary": "SUSE Bug 938913 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938913"
},
{
"category": "external",
"summary": "SUSE Bug 938945 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938945"
},
{
"category": "external",
"summary": "SUSE Bug 943664 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/943664"
},
{
"category": "external",
"summary": "SUSE Bug 944729 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/944729"
},
{
"category": "external",
"summary": "SUSE Bug 945582 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/945582"
},
{
"category": "external",
"summary": "SUSE Bug 955589 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/955589"
},
{
"category": "external",
"summary": "SUSE Bug 980406 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/980406"
},
{
"category": "external",
"summary": "SUSE Bug 990592 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/990592"
},
{
"category": "external",
"summary": "SUSE Bug 994144 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/994144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4000"
},
{
"cve": "CVE-2015-4473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4473"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4473",
"url": "https://www.suse.com/security/cve/CVE-2015-4473"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4473",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4473"
},
{
"cve": "CVE-2015-4475",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4475"
}
],
"notes": [
{
"category": "general",
"text": "The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4475",
"url": "https://www.suse.com/security/cve/CVE-2015-4475"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4475",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4475"
},
{
"cve": "CVE-2015-4477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4477"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4477",
"url": "https://www.suse.com/security/cve/CVE-2015-4477"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4477",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4477"
},
{
"cve": "CVE-2015-4478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4478"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin Policy via the reviver parameter to the JSON.parse method.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4478",
"url": "https://www.suse.com/security/cve/CVE-2015-4478"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4478",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4478"
},
{
"cve": "CVE-2015-4479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4479"
}
],
"notes": [
{
"category": "general",
"text": "Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4479",
"url": "https://www.suse.com/security/cve/CVE-2015-4479"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4479",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4479"
},
{
"cve": "CVE-2015-4480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4480"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4480",
"url": "https://www.suse.com/security/cve/CVE-2015-4480"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4480",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4480"
},
{
"cve": "CVE-2015-4481",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4481"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4481",
"url": "https://www.suse.com/security/cve/CVE-2015-4481"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4481",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2015-4481"
},
{
"cve": "CVE-2015-4482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4482"
}
],
"notes": [
{
"category": "general",
"text": "mar_read.c in the Updater in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows local users to gain privileges or cause a denial of service (out-of-bounds write) via a crafted name of a Mozilla Archive (aka MAR) file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4482",
"url": "https://www.suse.com/security/cve/CVE-2015-4482"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4482",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4482"
},
{
"cve": "CVE-2015-4484",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4484"
}
],
"notes": [
{
"category": "general",
"text": "The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service (application crash) by leveraging the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuffer object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4484",
"url": "https://www.suse.com/security/cve/CVE-2015-4484"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4484",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4484"
},
{
"cve": "CVE-2015-4485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4485"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4485",
"url": "https://www.suse.com/security/cve/CVE-2015-4485"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4485",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4485"
},
{
"cve": "CVE-2015-4486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4486"
}
],
"notes": [
{
"category": "general",
"text": "The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4486",
"url": "https://www.suse.com/security/cve/CVE-2015-4486"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4486",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4486"
},
{
"cve": "CVE-2015-4487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4487"
}
],
"notes": [
{
"category": "general",
"text": "The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, related to an \"overflow.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4487",
"url": "https://www.suse.com/security/cve/CVE-2015-4487"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4487",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4487"
},
{
"cve": "CVE-2015-4488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4488"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4488",
"url": "https://www.suse.com/security/cve/CVE-2015-4488"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4488",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4488"
},
{
"cve": "CVE-2015-4489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4489"
}
],
"notes": [
{
"category": "general",
"text": "The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4489",
"url": "https://www.suse.com/security/cve/CVE-2015-4489"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4489",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4489"
},
{
"cve": "CVE-2015-4491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4491"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4491",
"url": "https://www.suse.com/security/cve/CVE-2015-4491"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4491",
"url": "https://bugzilla.suse.com/940806"
},
{
"category": "external",
"summary": "SUSE Bug 942801 for CVE-2015-4491",
"url": "https://bugzilla.suse.com/942801"
},
{
"category": "external",
"summary": "SUSE Bug 948790 for CVE-2015-4491",
"url": "https://bugzilla.suse.com/948790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4491"
},
{
"cve": "CVE-2015-4492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4492"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4492",
"url": "https://www.suse.com/security/cve/CVE-2015-4492"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4492",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4492"
},
{
"cve": "CVE-2015-4493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4493"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to CVE-2015-1539.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4493",
"url": "https://www.suse.com/security/cve/CVE-2015-4493"
},
{
"category": "external",
"summary": "SUSE Bug 940806 for CVE-2015-4493",
"url": "https://bugzilla.suse.com/940806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4493"
},
{
"cve": "CVE-2015-4500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4500"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4500",
"url": "https://www.suse.com/security/cve/CVE-2015-4500"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4500",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4500"
},
{
"cve": "CVE-2015-4505",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4505"
}
],
"notes": [
{
"category": "general",
"text": "updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4505",
"url": "https://www.suse.com/security/cve/CVE-2015-4505"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4505",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-4505"
},
{
"cve": "CVE-2015-4506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4506"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4506",
"url": "https://www.suse.com/security/cve/CVE-2015-4506"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4506",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4506"
},
{
"cve": "CVE-2015-4509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4509"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4509",
"url": "https://www.suse.com/security/cve/CVE-2015-4509"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4509",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4509"
},
{
"cve": "CVE-2015-4511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4511"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4511",
"url": "https://www.suse.com/security/cve/CVE-2015-4511"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4511",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4511"
},
{
"cve": "CVE-2015-4513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4513"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4513",
"url": "https://www.suse.com/security/cve/CVE-2015-4513"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-4513",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4513"
},
{
"cve": "CVE-2015-4514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4514"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4514",
"url": "https://www.suse.com/security/cve/CVE-2015-4514"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-4514",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-4514"
},
{
"cve": "CVE-2015-4517",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4517"
}
],
"notes": [
{
"category": "general",
"text": "NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4517",
"url": "https://www.suse.com/security/cve/CVE-2015-4517"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4517",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4517"
},
{
"cve": "CVE-2015-4519",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4519"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect\u0027s target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4519",
"url": "https://www.suse.com/security/cve/CVE-2015-4519"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4519",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4519"
},
{
"cve": "CVE-2015-4520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4520"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4520",
"url": "https://www.suse.com/security/cve/CVE-2015-4520"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4520",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4520"
},
{
"cve": "CVE-2015-4521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4521"
}
],
"notes": [
{
"category": "general",
"text": "The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4521",
"url": "https://www.suse.com/security/cve/CVE-2015-4521"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4521",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4521"
},
{
"cve": "CVE-2015-4522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4522"
}
],
"notes": [
{
"category": "general",
"text": "The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an \"overflow.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4522",
"url": "https://www.suse.com/security/cve/CVE-2015-4522"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-4522",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4522"
},
{
"cve": "CVE-2015-7174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7174"
}
],
"notes": [
{
"category": "general",
"text": "The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an \"overflow.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7174",
"url": "https://www.suse.com/security/cve/CVE-2015-7174"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7174",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7174"
},
{
"cve": "CVE-2015-7175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7175"
}
],
"notes": [
{
"category": "general",
"text": "The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an \"overflow.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7175",
"url": "https://www.suse.com/security/cve/CVE-2015-7175"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7175",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7175"
},
{
"cve": "CVE-2015-7176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7176"
}
],
"notes": [
{
"category": "general",
"text": "The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7176",
"url": "https://www.suse.com/security/cve/CVE-2015-7176"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7176",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7176"
},
{
"cve": "CVE-2015-7177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7177"
}
],
"notes": [
{
"category": "general",
"text": "The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7177",
"url": "https://www.suse.com/security/cve/CVE-2015-7177"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7177",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7177"
},
{
"cve": "CVE-2015-7178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7178"
}
],
"notes": [
{
"category": "general",
"text": "The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted (1) OpenGL or (2) WebGL content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7178",
"url": "https://www.suse.com/security/cve/CVE-2015-7178"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7178",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7178"
},
{
"cve": "CVE-2015-7179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7179"
}
],
"notes": [
{
"category": "general",
"text": "The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted (1) OpenGL or (2) WebGL content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7179",
"url": "https://www.suse.com/security/cve/CVE-2015-7179"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7179",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7179"
},
{
"cve": "CVE-2015-7180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7180"
}
],
"notes": [
{
"category": "general",
"text": "The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7180",
"url": "https://www.suse.com/security/cve/CVE-2015-7180"
},
{
"category": "external",
"summary": "SUSE Bug 947003 for CVE-2015-7180",
"url": "https://bugzilla.suse.com/947003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7180"
},
{
"cve": "CVE-2015-7181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7181"
}
],
"notes": [
{
"category": "general",
"text": "The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a \"use-after-poison\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7181",
"url": "https://www.suse.com/security/cve/CVE-2015-7181"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7181",
"url": "https://bugzilla.suse.com/952810"
},
{
"category": "external",
"summary": "SUSE Bug 962977 for CVE-2015-7181",
"url": "https://bugzilla.suse.com/962977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7181"
},
{
"cve": "CVE-2015-7182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7182"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7182",
"url": "https://www.suse.com/security/cve/CVE-2015-7182"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7182",
"url": "https://bugzilla.suse.com/952810"
},
{
"category": "external",
"summary": "SUSE Bug 962977 for CVE-2015-7182",
"url": "https://bugzilla.suse.com/962977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7182"
},
{
"cve": "CVE-2015-7183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7183"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7183",
"url": "https://www.suse.com/security/cve/CVE-2015-7183"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7183",
"url": "https://bugzilla.suse.com/952810"
},
{
"category": "external",
"summary": "SUSE Bug 962977 for CVE-2015-7183",
"url": "https://bugzilla.suse.com/962977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7183"
},
{
"cve": "CVE-2015-7188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7188"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7188",
"url": "https://www.suse.com/security/cve/CVE-2015-7188"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7188",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7188"
},
{
"cve": "CVE-2015-7189",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7189"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7189",
"url": "https://www.suse.com/security/cve/CVE-2015-7189"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7189",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7189"
},
{
"cve": "CVE-2015-7193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7193"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly follow the CORS cross-origin request algorithm for the POST method in situations involving an unspecified Content-Type header manipulation, which allows remote attackers to bypass the Same Origin Policy by leveraging the lack of a preflight-request step.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7193",
"url": "https://www.suse.com/security/cve/CVE-2015-7193"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7193",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7193"
},
{
"cve": "CVE-2015-7194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7194"
}
],
"notes": [
{
"category": "general",
"text": "Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP archive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7194",
"url": "https://www.suse.com/security/cve/CVE-2015-7194"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7194",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7194"
},
{
"cve": "CVE-2015-7196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7196"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript wrapper.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7196",
"url": "https://www.suse.com/security/cve/CVE-2015-7196"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7196",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7196"
},
{
"cve": "CVE-2015-7197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7197"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-content restrictions via crafted JavaScript code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7197",
"url": "https://www.suse.com/security/cve/CVE-2015-7197"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7197",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7197"
},
{
"cve": "CVE-2015-7198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7198"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted texture data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7198",
"url": "https://www.suse.com/security/cve/CVE-2015-7198"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7198",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7198"
},
{
"cve": "CVE-2015-7199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7199"
}
],
"notes": [
{
"category": "general",
"text": "The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted SVG document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7199",
"url": "https://www.suse.com/security/cve/CVE-2015-7199"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7199",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7199"
},
{
"cve": "CVE-2015-7200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7200"
}
],
"notes": [
{
"category": "general",
"text": "The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers to have an unspecified impact via vectors related to a cryptographic key.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7200",
"url": "https://www.suse.com/security/cve/CVE-2015-7200"
},
{
"category": "external",
"summary": "SUSE Bug 952810 for CVE-2015-7200",
"url": "https://bugzilla.suse.com/952810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7200"
},
{
"cve": "CVE-2015-7201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7201"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7201",
"url": "https://www.suse.com/security/cve/CVE-2015-7201"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7201",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7201"
},
{
"cve": "CVE-2015-7205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7205"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7205",
"url": "https://www.suse.com/security/cve/CVE-2015-7205"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7205",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7205"
},
{
"cve": "CVE-2015-7207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7207"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 43.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls, a related issue to CVE-2015-1300.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7207",
"url": "https://www.suse.com/security/cve/CVE-2015-7207"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7207",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7207"
},
{
"cve": "CVE-2015-7210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7210"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7210",
"url": "https://www.suse.com/security/cve/CVE-2015-7210"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7210",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7210"
},
{
"cve": "CVE-2015-7212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7212"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7212",
"url": "https://www.suse.com/security/cve/CVE-2015-7212"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7212",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7212"
},
{
"cve": "CVE-2015-7213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7213"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7213",
"url": "https://www.suse.com/security/cve/CVE-2015-7213"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7213",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7213"
},
{
"cve": "CVE-2015-7214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7214"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7214",
"url": "https://www.suse.com/security/cve/CVE-2015-7214"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7214",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7214"
},
{
"cve": "CVE-2015-7222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7222"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7222",
"url": "https://www.suse.com/security/cve/CVE-2015-7222"
},
{
"category": "external",
"summary": "SUSE Bug 959277 for CVE-2015-7222",
"url": "https://bugzilla.suse.com/959277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7222"
},
{
"cve": "CVE-2015-7575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7575"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7575",
"url": "https://www.suse.com/security/cve/CVE-2015-7575"
},
{
"category": "external",
"summary": "SUSE Bug 959888 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/959888"
},
{
"category": "external",
"summary": "SUSE Bug 960402 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960402"
},
{
"category": "external",
"summary": "SUSE Bug 960996 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/960996"
},
{
"category": "external",
"summary": "SUSE Bug 961280 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961280"
},
{
"category": "external",
"summary": "SUSE Bug 961281 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961281"
},
{
"category": "external",
"summary": "SUSE Bug 961282 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961282"
},
{
"category": "external",
"summary": "SUSE Bug 961283 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961283"
},
{
"category": "external",
"summary": "SUSE Bug 961284 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961284"
},
{
"category": "external",
"summary": "SUSE Bug 961290 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961290"
},
{
"category": "external",
"summary": "SUSE Bug 961357 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/961357"
},
{
"category": "external",
"summary": "SUSE Bug 962743 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/962743"
},
{
"category": "external",
"summary": "SUSE Bug 963937 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/963937"
},
{
"category": "external",
"summary": "SUSE Bug 967521 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/967521"
},
{
"category": "external",
"summary": "SUSE Bug 981087 for CVE-2015-7575",
"url": "https://bugzilla.suse.com/981087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7575"
},
{
"cve": "CVE-2016-1930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1930"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1930",
"url": "https://www.suse.com/security/cve/CVE-2016-1930"
},
{
"category": "external",
"summary": "SUSE Bug 963520 for CVE-2016-1930",
"url": "https://bugzilla.suse.com/963520"
},
{
"category": "external",
"summary": "SUSE Bug 963632 for CVE-2016-1930",
"url": "https://bugzilla.suse.com/963632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2016-1930"
},
{
"cve": "CVE-2016-1935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1935"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1935",
"url": "https://www.suse.com/security/cve/CVE-2016-1935"
},
{
"category": "external",
"summary": "SUSE Bug 963520 for CVE-2016-1935",
"url": "https://bugzilla.suse.com/963520"
},
{
"category": "external",
"summary": "SUSE Bug 963635 for CVE-2016-1935",
"url": "https://bugzilla.suse.com/963635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1935"
},
{
"cve": "CVE-2016-1950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1950"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1950",
"url": "https://www.suse.com/security/cve/CVE-2016-1950"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1950",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1950"
},
{
"cve": "CVE-2016-1952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1952"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1952",
"url": "https://www.suse.com/security/cve/CVE-2016-1952"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1952",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1952"
},
{
"cve": "CVE-2016-1953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1953"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1953",
"url": "https://www.suse.com/security/cve/CVE-2016-1953"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1953",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1953"
},
{
"cve": "CVE-2016-1954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1954"
}
],
"notes": [
{
"category": "general",
"text": "The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1954",
"url": "https://www.suse.com/security/cve/CVE-2016-1954"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1954",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1954"
},
{
"cve": "CVE-2016-1955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1955"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1955",
"url": "https://www.suse.com/security/cve/CVE-2016-1955"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1955",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1955"
},
{
"cve": "CVE-2016-1956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1956"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1956",
"url": "https://www.suse.com/security/cve/CVE-2016-1956"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/969894"
},
{
"category": "external",
"summary": "SUSE Bug 970257 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970257"
},
{
"category": "external",
"summary": "SUSE Bug 970377 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970377"
},
{
"category": "external",
"summary": "SUSE Bug 970378 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970378"
},
{
"category": "external",
"summary": "SUSE Bug 970379 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970379"
},
{
"category": "external",
"summary": "SUSE Bug 970380 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970380"
},
{
"category": "external",
"summary": "SUSE Bug 970381 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970381"
},
{
"category": "external",
"summary": "SUSE Bug 970431 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970431"
},
{
"category": "external",
"summary": "SUSE Bug 970433 for CVE-2016-1956",
"url": "https://bugzilla.suse.com/970433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1956"
},
{
"cve": "CVE-2016-1957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1957"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1957",
"url": "https://www.suse.com/security/cve/CVE-2016-1957"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1957",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1957"
},
{
"cve": "CVE-2016-1958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1958"
}
],
"notes": [
{
"category": "general",
"text": "browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1958",
"url": "https://www.suse.com/security/cve/CVE-2016-1958"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1958",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1958"
},
{
"cve": "CVE-2016-1960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1960"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1960",
"url": "https://www.suse.com/security/cve/CVE-2016-1960"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1960",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1960"
},
{
"cve": "CVE-2016-1961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1961"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1961",
"url": "https://www.suse.com/security/cve/CVE-2016-1961"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1961",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1961"
},
{
"cve": "CVE-2016-1962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1962"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1962",
"url": "https://www.suse.com/security/cve/CVE-2016-1962"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1962",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2016-1962"
},
{
"cve": "CVE-2016-1964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1964"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1964",
"url": "https://www.suse.com/security/cve/CVE-2016-1964"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1964",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1964"
},
{
"cve": "CVE-2016-1965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1965"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1965",
"url": "https://www.suse.com/security/cve/CVE-2016-1965"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1965",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1965"
},
{
"cve": "CVE-2016-1966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1966"
}
],
"notes": [
{
"category": "general",
"text": "The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via a crafted NPAPI plugin.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1966",
"url": "https://www.suse.com/security/cve/CVE-2016-1966"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1966",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1966"
},
{
"cve": "CVE-2016-1974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1974"
}
],
"notes": [
{
"category": "general",
"text": "The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1974",
"url": "https://www.suse.com/security/cve/CVE-2016-1974"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1974",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1974"
},
{
"cve": "CVE-2016-1977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1977"
}
],
"notes": [
{
"category": "general",
"text": "The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1977",
"url": "https://www.suse.com/security/cve/CVE-2016-1977"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1977",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1977"
},
{
"cve": "CVE-2016-1979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1979"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data with DER encoding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1979",
"url": "https://www.suse.com/security/cve/CVE-2016-1979"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-1979",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-1979"
},
{
"cve": "CVE-2016-2790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2790"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2790",
"url": "https://www.suse.com/security/cve/CVE-2016-2790"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2790",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2790"
},
{
"cve": "CVE-2016-2791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2791"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2791",
"url": "https://www.suse.com/security/cve/CVE-2016-2791"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2791",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2791"
},
{
"cve": "CVE-2016-2792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2792"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2800.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2792",
"url": "https://www.suse.com/security/cve/CVE-2016-2792"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2792",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2792"
},
{
"cve": "CVE-2016-2793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2793"
}
],
"notes": [
{
"category": "general",
"text": "CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2793",
"url": "https://www.suse.com/security/cve/CVE-2016-2793"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2793",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2793"
},
{
"cve": "CVE-2016-2794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2794"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2794",
"url": "https://www.suse.com/security/cve/CVE-2016-2794"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2794",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2794"
},
{
"cve": "CVE-2016-2795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2795"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2795",
"url": "https://www.suse.com/security/cve/CVE-2016-2795"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2795",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2795"
},
{
"cve": "CVE-2016-2796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2796"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2796",
"url": "https://www.suse.com/security/cve/CVE-2016-2796"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2796",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2796"
},
{
"cve": "CVE-2016-2797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2797"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2801.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2797",
"url": "https://www.suse.com/security/cve/CVE-2016-2797"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2797",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2797"
},
{
"cve": "CVE-2016-2798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2798"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2798",
"url": "https://www.suse.com/security/cve/CVE-2016-2798"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2798",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2798"
},
{
"cve": "CVE-2016-2799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2799"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2799",
"url": "https://www.suse.com/security/cve/CVE-2016-2799"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2799",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2799"
},
{
"cve": "CVE-2016-2800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2800"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2800",
"url": "https://www.suse.com/security/cve/CVE-2016-2800"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2800",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2800"
},
{
"cve": "CVE-2016-2801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2801"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2797.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2801",
"url": "https://www.suse.com/security/cve/CVE-2016-2801"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2801",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2801"
},
{
"cve": "CVE-2016-2802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2802"
}
],
"notes": [
{
"category": "general",
"text": "The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2802",
"url": "https://www.suse.com/security/cve/CVE-2016-2802"
},
{
"category": "external",
"summary": "SUSE Bug 969894 for CVE-2016-2802",
"url": "https://bugzilla.suse.com/969894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-2802"
},
{
"cve": "CVE-2016-2806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2806"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2806",
"url": "https://www.suse.com/security/cve/CVE-2016-2806"
},
{
"category": "external",
"summary": "SUSE Bug 977375 for CVE-2016-2806",
"url": "https://bugzilla.suse.com/977375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2806"
},
{
"cve": "CVE-2016-2807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2807"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2807",
"url": "https://www.suse.com/security/cve/CVE-2016-2807"
},
{
"category": "external",
"summary": "SUSE Bug 977333 for CVE-2016-2807",
"url": "https://bugzilla.suse.com/977333"
},
{
"category": "external",
"summary": "SUSE Bug 977376 for CVE-2016-2807",
"url": "https://bugzilla.suse.com/977376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2807"
},
{
"cve": "CVE-2016-2815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2815"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2815",
"url": "https://www.suse.com/security/cve/CVE-2016-2815"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2815",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983638 for CVE-2016-2815",
"url": "https://bugzilla.suse.com/983638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2815"
},
{
"cve": "CVE-2016-2818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2818"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2818",
"url": "https://www.suse.com/security/cve/CVE-2016-2818"
},
{
"category": "external",
"summary": "SUSE Bug 983549 for CVE-2016-2818",
"url": "https://bugzilla.suse.com/983549"
},
{
"category": "external",
"summary": "SUSE Bug 983638 for CVE-2016-2818",
"url": "https://bugzilla.suse.com/983638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2818"
},
{
"cve": "CVE-2016-2830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2830"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2830",
"url": "https://www.suse.com/security/cve/CVE-2016-2830"
},
{
"category": "external",
"summary": "SUSE Bug 983922 for CVE-2016-2830",
"url": "https://bugzilla.suse.com/983922"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-2830",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2830"
},
{
"cve": "CVE-2016-2836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2836"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to Http2Session::Shutdown and SpdySession31::Shutdown, and other vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2836",
"url": "https://www.suse.com/security/cve/CVE-2016-2836"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-2836",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2836"
},
{
"cve": "CVE-2016-2837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2837"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2837",
"url": "https://www.suse.com/security/cve/CVE-2016-2837"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-2837",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2837"
},
{
"cve": "CVE-2016-2838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2838"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2838",
"url": "https://www.suse.com/security/cve/CVE-2016-2838"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-2838",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2838"
},
{
"cve": "CVE-2016-2839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2839"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_extents calls that do not properly interact with libav header allocation in FFmpeg 0.10, which allows remote attackers to cause a denial of service (application crash) via a crafted video.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2839",
"url": "https://www.suse.com/security/cve/CVE-2016-2839"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-2839",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2839"
},
{
"cve": "CVE-2016-5252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5252"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5252",
"url": "https://www.suse.com/security/cve/CVE-2016-5252"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5252",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5252"
},
{
"cve": "CVE-2016-5254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5254"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5254",
"url": "https://www.suse.com/security/cve/CVE-2016-5254"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5254",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5254"
},
{
"cve": "CVE-2016-5258",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5258"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5258",
"url": "https://www.suse.com/security/cve/CVE-2016-5258"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5258",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5258"
},
{
"cve": "CVE-2016-5259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5259"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5259",
"url": "https://www.suse.com/security/cve/CVE-2016-5259"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5259",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5259"
},
{
"cve": "CVE-2016-5262",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5262"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox=\"allow-scripts\" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5262",
"url": "https://www.suse.com/security/cve/CVE-2016-5262"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5262",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5262"
},
{
"cve": "CVE-2016-5263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5263"
}
],
"notes": [
{
"category": "general",
"text": "The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages \"type confusion.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5263",
"url": "https://www.suse.com/security/cve/CVE-2016-5263"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5263",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5263"
},
{
"cve": "CVE-2016-5264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5264"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5264",
"url": "https://www.suse.com/security/cve/CVE-2016-5264"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5264",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5264"
},
{
"cve": "CVE-2016-5265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5265"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same local directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5265",
"url": "https://www.suse.com/security/cve/CVE-2016-5265"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5265",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5265"
},
{
"cve": "CVE-2016-5290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5290"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5290",
"url": "https://www.suse.com/security/cve/CVE-2016-5290"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5290",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010427 for CVE-2016-5290",
"url": "https://bugzilla.suse.com/1010427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5290"
},
{
"cve": "CVE-2016-5291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5291"
}
],
"notes": [
{
"category": "general",
"text": "A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5291",
"url": "https://www.suse.com/security/cve/CVE-2016-5291"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5291",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010410 for CVE-2016-5291",
"url": "https://bugzilla.suse.com/1010410"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5291"
},
{
"cve": "CVE-2016-5296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5296"
}
],
"notes": [
{
"category": "general",
"text": "A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5296",
"url": "https://www.suse.com/security/cve/CVE-2016-5296"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5296",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010395 for CVE-2016-5296",
"url": "https://bugzilla.suse.com/1010395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5296"
},
{
"cve": "CVE-2016-5297",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5297"
}
],
"notes": [
{
"category": "general",
"text": "An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5297",
"url": "https://www.suse.com/security/cve/CVE-2016-5297"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-5297",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010401 for CVE-2016-5297",
"url": "https://bugzilla.suse.com/1010401"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5297"
},
{
"cve": "CVE-2016-6354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-6354"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-6354",
"url": "https://www.suse.com/security/cve/CVE-2016-6354"
},
{
"category": "external",
"summary": "SUSE Bug 1026047 for CVE-2016-6354",
"url": "https://bugzilla.suse.com/1026047"
},
{
"category": "external",
"summary": "SUSE Bug 1035082 for CVE-2016-6354",
"url": "https://bugzilla.suse.com/1035082"
},
{
"category": "external",
"summary": "SUSE Bug 1035209 for CVE-2016-6354",
"url": "https://bugzilla.suse.com/1035209"
},
{
"category": "external",
"summary": "SUSE Bug 990856 for CVE-2016-6354",
"url": "https://bugzilla.suse.com/990856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-6354"
},
{
"cve": "CVE-2016-9066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9066"
}
],
"notes": [
{
"category": "general",
"text": "A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9066",
"url": "https://www.suse.com/security/cve/CVE-2016-9066"
},
{
"category": "external",
"summary": "SUSE Bug 1009026 for CVE-2016-9066",
"url": "https://bugzilla.suse.com/1009026"
},
{
"category": "external",
"summary": "SUSE Bug 1010404 for CVE-2016-9066",
"url": "https://bugzilla.suse.com/1010404"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9066"
},
{
"cve": "CVE-2016-9079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9079"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox \u003c 50.0.2, Firefox ESR \u003c 45.5.1, and Thunderbird \u003c 45.5.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9079",
"url": "https://www.suse.com/security/cve/CVE-2016-9079"
},
{
"category": "external",
"summary": "SUSE Bug 1012964 for CVE-2016-9079",
"url": "https://bugzilla.suse.com/1012964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-buildsymbols-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-devel-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-45.5.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-45.5.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9079"
}
]
}
OPENSUSE-SU-2024:14572-1
Vulnerability from csaf_opensuse - Published: 2024-12-12 00:00 - Updated: 2024-12-12 00:00Summary
firefox-esr-128.5.1-1.1 on GA media
Notes
Title of the patch
firefox-esr-128.5.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the firefox-esr-128.5.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14572
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).